Vulnerability-Lookup

CVE-2024-24789 (GCVE-0-2024-24789)

Vulnerability from cvelistv5 – Published: 2024-06-05 15:13 – Updated: 2025-02-13 17:40

Title

Mishandling of corrupt central directory record in archive/zip

Summary

The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.

Severity

5.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

SSVC

Exploitation: poc Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

CWE-390 - Detection of Error Condition Without Action

Assigner

References

7 references

URL	Tags
https://go.dev/cl/585397
https://go.dev/issue/66869
https://groups.google.com/g/golang-announce/c/Xbx…
https://pkg.go.dev/vuln/GO-2024-2888
http://www.openwall.com/lists/oss-security/2024/06/04/1
https://lists.fedoraproject.org/archives/list/pac…
https://security.netapp.com/advisory/ntap-2025013…

Impacted products

2 products

Vendor	Product	Version
Go standard library	archive/zip	Affected: 0 , < 1.21.11 (semver) Affected: 1.22.0-0 , < 1.22.4 (semver)
golang	go	Affected: 0 , < 1.21.11 (semver) Affected: 1.22.0 , < 1.22.4 (semver) cpe:2.3:a:golang:go::::::::

Credits

Yufan You (@ouuan)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "go",
            "vendor": "golang",
            "versions": [
              {
                "lessThan": "1.21.11",
                "status": "affected",
                "version": "0",
                "versionType": "semver"
              },
              {
                "lessThan": "1.22.4",
                "status": "affected",
                "version": "1.22.0",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "LOW",
              "baseScore": 5.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-24789",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-06T15:26:12.977985Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-13T16:20:49.160Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-31T15:02:43.918Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/cl/585397"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://go.dev/issue/66869"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://pkg.go.dev/vuln/GO-2024-2888"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250131-0008/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://pkg.go.dev",
          "defaultStatus": "unaffected",
          "packageName": "archive/zip",
          "product": "archive/zip",
          "programRoutines": [
            {
              "name": "findSignatureInBlock"
            },
            {
              "name": "NewReader"
            },
            {
              "name": "OpenReader"
            }
          ],
          "vendor": "Go standard library",
          "versions": [
            {
              "lessThan": "1.21.11",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.22.4",
              "status": "affected",
              "version": "1.22.0-0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Yufan You (@ouuan)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CWE-390: Detection of Error Condition Without Action",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-19T03:05:53.965Z",
        "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
        "shortName": "Go"
      },
      "references": [
        {
          "url": "https://go.dev/cl/585397"
        },
        {
          "url": "https://go.dev/issue/66869"
        },
        {
          "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ"
        },
        {
          "url": "https://pkg.go.dev/vuln/GO-2024-2888"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/"
        }
      ],
      "title": "Mishandling of corrupt central directory record in archive/zip"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
    "assignerShortName": "Go",
    "cveId": "CVE-2024-24789",
    "datePublished": "2024-06-05T15:13:51.938Z",
    "dateReserved": "2024-01-30T16:05:14.758Z",
    "dateUpdated": "2025-02-13T17:40:27.816Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2024-24789",
      "date": "2026-06-29",
      "epss": "0.00446",
      "percentile": "0.35662"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"1.21.11\", \"matchCriteriaId\": \"7A191F39-17BE-4051-A445-E60525659377\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"1.22.0\", \"versionEndExcluding\": \"1.22.4\", \"matchCriteriaId\": \"4B85AD31-1004-48F3-9A80-7CF48CD0CEA7\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.\"}, {\"lang\": \"es\", \"value\": \"El manejo que hace el paquete archive/zip de ciertos tipos de archivos zip no v\\u00e1lidos difiere del comportamiento de la mayor\\u00eda de las implementaciones zip. Esta desalineaci\\u00f3n podr\\u00eda aprovecharse para crear un archivo zip con contenidos que var\\u00edan seg\\u00fan la implementaci\\u00f3n que lea el archivo. El paquete archive/zip ahora rechaza los archivos que contienen estos errores.\"}]",
      "id": "CVE-2024-24789",
      "lastModified": "2024-11-21T08:59:42.597",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.4}]}",
      "published": "2024-06-05T16:15:10.470",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/04/1\", \"source\": \"security@golang.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://go.dev/cl/585397\", \"source\": \"security@golang.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://go.dev/issue/66869\", \"source\": \"security@golang.org\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ\", \"source\": \"security@golang.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/\", \"source\": \"security@golang.org\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2888\", \"source\": \"security@golang.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/04/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"https://go.dev/cl/585397\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://go.dev/issue/66869\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2888\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "security@golang.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-24789\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2024-06-05T16:15:10.470\",\"lastModified\":\"2026-06-17T07:14:51.923\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.\"},{\"lang\":\"es\",\"value\":\"El manejo que hace el paquete archive/zip de ciertos tipos de archivos zip no v\u00e1lidos difiere del comportamiento de la mayor\u00eda de las implementaciones zip. Esta desalineaci\u00f3n podr\u00eda aprovecharse para crear un archivo zip con contenidos que var\u00edan seg\u00fan la implementaci\u00f3n que lea el archivo. El paquete archive/zip ahora rechaza los archivos que contienen estos errores.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"archive/zip\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"archive/zip\",\"programRoutines\":[{\"name\":\"findSignatureInBlock\"},{\"name\":\"NewReader\"},{\"name\":\"OpenReader\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.21.11\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.22.0-0\",\"lessThan\":\"1.22.4\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"affectedData\":[{\"vendor\":\"golang\",\"product\":\"go\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.21.11\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.22.0\",\"lessThan\":\"1.22.4\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":3.4}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-06-06T15:26:12.977985Z\",\"id\":\"CVE-2024-24789\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"no\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.21.11\",\"matchCriteriaId\":\"7A191F39-17BE-4051-A445-E60525659377\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.22.0\",\"versionEndExcluding\":\"1.22.4\",\"matchCriteriaId\":\"4B85AD31-1004-48F3-9A80-7CF48CD0CEA7\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/06/04/1\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://go.dev/cl/585397\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/66869\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ\",\"source\":\"security@golang.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-2888\",\"source\":\"security@golang.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/06/04/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"https://go.dev/cl/585397\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/66869\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-2888\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20250131-0008/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://go.dev/cl/585397\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://go.dev/issue/66869\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2888\", \"tags\": [\"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/04/1\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20250131-0008/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-01-31T15:02:43.918Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-24789\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-06-06T15:26:12.977985Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\"], \"vendor\": \"golang\", \"product\": \"go\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.21.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.22.0\", \"lessThan\": \"1.22.4\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-06-06T15:33:22.625Z\"}}], \"cna\": {\"title\": \"Mishandling of corrupt central directory record in archive/zip\", \"credits\": [{\"lang\": \"en\", \"value\": \"Yufan You (@ouuan)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"archive/zip\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.21.11\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.22.0-0\", \"lessThan\": \"1.22.4\", \"versionType\": \"semver\"}], \"packageName\": \"archive/zip\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"findSignatureInBlock\"}, {\"name\": \"NewReader\"}, {\"name\": \"OpenReader\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/585397\"}, {\"url\": \"https://go.dev/issue/66869\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-2888\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/06/04/1\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-390: Detection of Error Condition Without Action\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2024-06-19T03:05:53.965Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-24789\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:40:27.816Z\", \"dateReserved\": \"2024-01-30T16:05:14.758Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2024-06-05T15:13:51.938Z\", \"assignerShortName\": \"Go\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

RHSA-2025:15847

Vulnerability from csaf_redhat - Published: 2025-09-15 16:27 - Updated: 2026-06-28 12:58

Summary

Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.

Severity

Important

Notes

Topic: Red Hat OpenShift Dev Spaces 3.23.0 has been released.

Details: Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.23 release is based on Eclipse Che 7.107 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2. Users still using the v1 standard should migrate as soon as possible. https://devfile.io/docs/2.2.0/migrating-to-devfile-v2 Dev Spaces supports OpenShift EUS releases v4.14 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates. https://access.redhat.com/support/policy/updates/openshift#crw

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2024-10005

A vulnerability was found in HashiCorp Consul. Due to a lack of path normalization, URL paths in L7 traffic intentions can be exploited to bypass permissions defined in the intentions.

8.1 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Low

CVE-2024-10006

A flaw was found in HashiCorp Consul and Consul Enterprise. The server response does not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and can lead to reflected cross-site scripting (XSS).

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L

CWE-644 - Improper Neutralization of HTTP Headers for Scripting Syntax

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2024-22189

A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRE_CONNECTION_ID frame, but the attacker can prevent the receiver from sending out the vast majority of these RETIRE_CONNECTION_ID frames by selectively acknowledging received packets and collapsing the peers congestion window and by manipulating the peer's RTT estimate.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le		—

Threats

Impact Moderate

CVE-2024-24789

A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le		—

Threats

Impact Moderate

CVE-2024-28869

An improper handling of exceptional conditions vulnerability was found in Traefik. In affected versions, sending a GET request to any Traefik endpoint with the "Content-length" request header results in an indefinite hang with the default configuration, resulting in a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-755 - Improper Handling of Exceptional Conditions

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le		—

Threats

Impact Moderate

CVE-2024-39321

An authorization bypass vulnerability was found in Traefik. This flaw allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-639 - Authorization Bypass Through User-Controlled Key

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Moderate

CVE-2024-45338

A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Vendor Fix fix
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Vendor Fix fix

Known not affected 50 products

Product	Identifier	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x		—
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le		—

Threats

Impact Important

CVE-2025-9287

An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid value calculations, hanging and rewinding the hash state, including turning a tagged hash into an untagged hash, for malicious JSON-stringifyable inputs.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 12 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Vendor Fix fix Workaround

Known not affected 42 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-9288

A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.

7.7 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 12 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Vendor Fix fix Workaround

Known not affected 42 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-48385

A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection.

8.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L

CWE-88 - Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-48387

A flaw was found in tar-fs. This vulnerability allows files to be written outside the intended extraction directory via specially crafted tar archives. The issue arises from insufficient path validation during tarball extraction, potentially enabling path traversal attacks that can overwrite arbitrary files on the system.

7.3 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

CVE-2025-52999

A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-121 - Stack-based Buffer Overflow

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x	—	Vendor Fix fix Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le	—	Vendor Fix fix Workaround

Known not affected 50 products

Product	Version	Remediation
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x	—	Workaround
Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le	—	Workaround

Threats

Impact Important

References

88 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:15847	self
https://access.redhat.com/documentation/en-us/red…	external
https://access.redhat.com/security/cve/CVE-2024-10005	external
https://access.redhat.com/security/cve/CVE-2024-10006	external
https://access.redhat.com/security/cve/CVE-2024-22189	external
https://access.redhat.com/security/cve/CVE-2024-24789	external
https://access.redhat.com/security/cve/CVE-2024-28869	external
https://access.redhat.com/security/cve/CVE-2024-39321	external
https://access.redhat.com/security/cve/CVE-2024-45338	external
https://access.redhat.com/security/cve/CVE-2025-48385	external
https://access.redhat.com/security/cve/CVE-2025-48387	external
https://access.redhat.com/security/cve/CVE-2025-52999	external
https://access.redhat.com/security/cve/CVE-2025-9287	external
https://access.redhat.com/security/cve/CVE-2025-9288	external
https://access.redhat.com/security/updates/classi…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2024-10005	self
https://bugzilla.redhat.com/show_bug.cgi?id=2322857	external
https://www.cve.org/CVERecord?id=CVE-2024-10005	external
https://nvd.nist.gov/vuln/detail/CVE-2024-10005	external
https://discuss.hashicorp.com/t/hcsec-2024-22-con…	external
https://access.redhat.com/security/cve/CVE-2024-10006	self
https://bugzilla.redhat.com/show_bug.cgi?id=2322858	external
https://www.cve.org/CVERecord?id=CVE-2024-10006	external
https://nvd.nist.gov/vuln/detail/CVE-2024-10006	external
https://discuss.hashicorp.com/t/hcsec-2024-23-con…	external
https://access.redhat.com/security/cve/CVE-2024-22189	self
https://bugzilla.redhat.com/show_bug.cgi?id=2273513	external
https://www.cve.org/CVERecord?id=CVE-2024-22189	external
https://nvd.nist.gov/vuln/detail/CVE-2024-22189	external
https://github.com/quic-go/quic-go/commit/4a99b81…	external
https://github.com/quic-go/quic-go/security/advis…	external
https://seemann.io/posts/2024-03-19-exploiting-qu…	external
https://access.redhat.com/security/cve/CVE-2024-24789	self
https://bugzilla.redhat.com/show_bug.cgi?id=2292668	external
https://www.cve.org/CVERecord?id=CVE-2024-24789	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24789	external
https://access.redhat.com/security/cve/CVE-2024-28869	self
https://bugzilla.redhat.com/show_bug.cgi?id=2274987	external
https://www.cve.org/CVERecord?id=CVE-2024-28869	external
https://nvd.nist.gov/vuln/detail/CVE-2024-28869	external
https://github.com/traefik/traefik/commit/240b83b…	external
https://github.com/traefik/traefik/security/advis…	external
https://access.redhat.com/security/cve/CVE-2024-39321	self
https://bugzilla.redhat.com/show_bug.cgi?id=2296009	external
https://www.cve.org/CVERecord?id=CVE-2024-39321	external
https://nvd.nist.gov/vuln/detail/CVE-2024-39321	external
https://github.com/traefik/traefik/releases/tag/v2.11.6	external
https://github.com/traefik/traefik/releases/tag/v3.0.4	external
https://github.com/traefik/traefik/releases/tag/v…	external
https://github.com/traefik/traefik/security/advis…	external
https://access.redhat.com/security/cve/CVE-2024-45338	self
https://bugzilla.redhat.com/show_bug.cgi?id=2333122	external
https://www.cve.org/CVERecord?id=CVE-2024-45338	external
https://nvd.nist.gov/vuln/detail/CVE-2024-45338	external
https://go.dev/cl/637536	external
https://go.dev/issue/70906	external
https://groups.google.com/g/golang-announce/c/wSC…	external
https://pkg.go.dev/vuln/GO-2024-3333	external
https://access.redhat.com/security/cve/CVE-2025-9287	self
https://bugzilla.redhat.com/show_bug.cgi?id=2389932	external
https://www.cve.org/CVERecord?id=CVE-2025-9287	external
https://nvd.nist.gov/vuln/detail/CVE-2025-9287	external
https://github.com/browserify/cipher-base/pull/23	external
https://github.com/browserify/cipher-base/securit…	external
https://access.redhat.com/security/cve/CVE-2025-9288	self
https://bugzilla.redhat.com/show_bug.cgi?id=2389980	external
https://www.cve.org/CVERecord?id=CVE-2025-9288	external
https://nvd.nist.gov/vuln/detail/CVE-2025-9288	external
https://github.com/browserify/sha.js/pull/78	external
https://github.com/browserify/sha.js/security/adv…	external
https://access.redhat.com/security/cve/CVE-2025-48385	self
https://bugzilla.redhat.com/show_bug.cgi?id=2378808	external
https://www.cve.org/CVERecord?id=CVE-2025-48385	external
https://nvd.nist.gov/vuln/detail/CVE-2025-48385	external
https://github.com/git/git/security/advisories/GH…	external
https://access.redhat.com/security/cve/CVE-2025-48387	self
https://bugzilla.redhat.com/show_bug.cgi?id=2369875	external
https://www.cve.org/CVERecord?id=CVE-2025-48387	external
https://nvd.nist.gov/vuln/detail/CVE-2025-48387	external
https://github.com/mafintosh/tar-fs/commit/647447…	external
https://github.com/mafintosh/tar-fs/security/advi…	external
https://access.redhat.com/security/cve/CVE-2025-52999	self
https://bugzilla.redhat.com/show_bug.cgi?id=2374804	external
https://www.cve.org/CVERecord?id=CVE-2025-52999	external
https://nvd.nist.gov/vuln/detail/CVE-2025-52999	external
https://github.com/FasterXML/jackson-core/pull/943	external
https://github.com/FasterXML/jackson-core/securit…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Red Hat OpenShift Dev Spaces 3.23.0 has been released.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development. The 3.23 release is based on Eclipse Che 7.107 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2. Users still using the v1 standard should migrate as soon as possible. https://devfile.io/docs/2.2.0/migrating-to-devfile-v2 Dev Spaces supports OpenShift EUS releases v4.14 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates. https://access.redhat.com/support/policy/updates/openshift#crw",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:15847",
        "url": "https://access.redhat.com/errata/RHSA-2025:15847"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.23/html/administration_guide/installing-devspaces",
        "url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.23/html/administration_guide/installing-devspaces"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-10005",
        "url": "https://access.redhat.com/security/cve/CVE-2024-10005"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-10006",
        "url": "https://access.redhat.com/security/cve/CVE-2024-10006"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-22189",
        "url": "https://access.redhat.com/security/cve/CVE-2024-22189"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-24789",
        "url": "https://access.redhat.com/security/cve/CVE-2024-24789"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-28869",
        "url": "https://access.redhat.com/security/cve/CVE-2024-28869"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-39321",
        "url": "https://access.redhat.com/security/cve/CVE-2024-39321"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
        "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-48385",
        "url": "https://access.redhat.com/security/cve/CVE-2025-48385"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-48387",
        "url": "https://access.redhat.com/security/cve/CVE-2025-48387"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-52999",
        "url": "https://access.redhat.com/security/cve/CVE-2025-52999"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-9287",
        "url": "https://access.redhat.com/security/cve/CVE-2025-9287"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/cve/CVE-2025-9288",
        "url": "https://access.redhat.com/security/cve/CVE-2025-9288"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/",
        "url": "https://access.redhat.com/security/updates/classification/"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_15847.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.23.0 Release.",
    "tracking": {
      "current_release_date": "2026-06-28T12:58:14+00:00",
      "generator": {
        "date": "2026-06-28T12:58:14+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.2.6"
        }
      },
      "id": "RHSA-2025:15847",
      "initial_release_date": "2025-09-15T16:27:40+00:00",
      "revision_history": [
        {
          "date": "2025-09-15T16:27:40+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-09-15T16:27:51+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-28T12:58:14+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
                "product": {
                  "name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
                  "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift_devspaces:3.23::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenShift Dev Spaces (RHOSDS)"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3Ad2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/idea-rhel9@sha256%3Adf24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1756504289"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3Aa69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Aac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3Ad23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3A6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
                  "product_id": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-operator-bundle@sha256%3Aa48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757629825"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3A918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3A27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3A15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3A65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3A42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3A934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3A8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Acd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85?arch=s390x\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3Ae32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3A1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3Af2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3A641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3A5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3Aa4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3Ab60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3A7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3Aad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3A13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3Ae762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3A5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3Afa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3Aa152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3Acc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3Aee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
                  "product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/code-rhel9@sha256%3A32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757618807"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
                  "product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/configbump-rhel9@sha256%3A43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756506343"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
                  "product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/dashboard-rhel9@sha256%3A78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757019057"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
                  "product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/imagepuller-rhel9@sha256%3Ac9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756507311"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
                  "product_id": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Ad0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces-tech-preview\u0026tag=3.23-1757019334"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
                  "product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/machineexec-rhel9@sha256%3A43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756509551"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
                  "product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/openvsx-rhel9@sha256%3A15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757017659"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
                  "product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Af5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756828766"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
                  "product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/pluginregistry-rhel9@sha256%3Acc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757367052"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
                  "product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/server-rhel9@sha256%3A3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756753588"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
                  "product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/traefik-rhel9@sha256%3Af17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1756504388"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
                  "product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-rhel9@sha256%3A53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757028609"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
                "product": {
                  "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
                  "product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/udi-base-rhel9@sha256%3Aa86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=3.23-1757037884"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.23",
          "product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        },
        "product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le",
        "relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-10005",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2024-10-30T22:00:40.599537+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2322857"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in HashiCorp Consul. Due to a lack of path normalization, URL paths in L7 traffic intentions can be exploited to bypass permissions defined in the intentions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To URL Path Bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as important severity because the lack of path normalization in HashiCorp Consul allows attackers to exploit URL paths in L7 traffic intentions, bypassing defined permissions. This can compromise both confidentiality and integrity, enabling unauthorized access to sensitive data and resources, highlighting the need for immediate attention.\n\nThis CVE has been rated \"Low\" as RH does not use Consul/Consul Catalog as a provider for configuration discovery in Traefik Proxy. Even though the product is affected, RH products are not vulnerable.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-10005"
        },
        {
          "category": "external",
          "summary": "RHBZ#2322857",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322857"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-10005",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-10005"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10005"
        },
        {
          "category": "external",
          "summary": "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass",
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-22-consul-l7-intentions-vulnerable-to-url-path-bypass"
        }
      ],
      "release_date": "2024-10-30T21:19:22.576000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Low"
        }
      ],
      "title": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To URL Path Bypass"
    },
    {
      "cve": "CVE-2024-10006",
      "cwe": {
        "id": "CWE-644",
        "name": "Improper Neutralization of HTTP Headers for Scripting Syntax"
      },
      "discovery_date": "2024-10-30T22:00:44.245072+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2322858"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in HashiCorp Consul and Consul Enterprise. The server response does not explicitly set a Content-Type HTTP header, allowing user-provided inputs to be misinterpreted and can lead to reflected cross-site scripting (XSS).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To Headers Bypass",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as important severity because HashiCorp Consul fails to set a Content-Type HTTP header, allowing user inputs to be misinterpreted and potentially leading to reflected cross-site scripting (XSS). This can compromise both confidentiality and integrity, posing a risk to user data and application security, which requires prompt remediation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-10006"
        },
        {
          "category": "external",
          "summary": "RHBZ#2322858",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322858"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-10006",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-10006"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10006"
        },
        {
          "category": "external",
          "summary": "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass",
          "url": "https://discuss.hashicorp.com/t/hcsec-2024-23-consul-l7-intentions-vulnerable-to-headers-bypass"
        }
      ],
      "release_date": "2024-10-30T21:20:37.011000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "hashicorp/consul: consul: Consul L7 Intentions Vulnerable To Headers Bypass"
    },
    {
      "cve": "CVE-2024-22189",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-04-04T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2273513"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRE_CONNECTION_ID frame, but the attacker can prevent the receiver from sending out the vast majority of these RETIRE_CONNECTION_ID frames by selectively acknowledging received packets and collapsing the peers congestion window and by manipulating the peer\u0027s RTT estimate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-22189"
        },
        {
          "category": "external",
          "summary": "RHBZ#2273513",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22189",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-22189"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189"
        },
        {
          "category": "external",
          "summary": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a",
          "url": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a"
        },
        {
          "category": "external",
          "summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478",
          "url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478"
        },
        {
          "category": "external",
          "summary": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management",
          "url": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management"
        }
      ],
      "release_date": "2024-04-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism"
    },
    {
      "cve": "CVE-2024-24789",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-06-17T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292668"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: archive/zip: Incorrect handling of certain ZIP files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292668",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
        }
      ],
      "release_date": "2024-06-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: archive/zip: Incorrect handling of certain ZIP files"
    },
    {
      "cve": "CVE-2024-28869",
      "cwe": {
        "id": "CWE-755",
        "name": "Improper Handling of Exceptional Conditions"
      },
      "discovery_date": "2024-04-14T00:00:00+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2274987"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper handling of exceptional conditions vulnerability was found in Traefik. In affected versions, sending a GET request to any Traefik endpoint with the \"Content-length\" request header results in an indefinite hang with the default configuration, resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "traefik: denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-28869"
        },
        {
          "category": "external",
          "summary": "RHBZ#2274987",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274987"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28869",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-28869"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28869",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28869"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/commit/240b83b77351dfd8cadb91c305b84e9d22e0f9c6",
          "url": "https://github.com/traefik/traefik/commit/240b83b77351dfd8cadb91c305b84e9d22e0f9c6"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/security/advisories/GHSA-4vwx-54mw-vqfw",
          "url": "https://github.com/traefik/traefik/security/advisories/GHSA-4vwx-54mw-vqfw"
        }
      ],
      "release_date": "2024-04-12T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "traefik: denial of service"
    },
    {
      "cve": "CVE-2024-39321",
      "cwe": {
        "id": "CWE-639",
        "name": "Authorization Bypass Through User-Controlled Key"
      },
      "discovery_date": "2024-07-05T18:20:25+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2296009"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An authorization bypass vulnerability was found in Traefik. This flaw allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes sent with spoofed IP addresses.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "traefik: Bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The vulnerability in Traefik that allows bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes, while notable, is categorized as moderate severity rather than important. This classification stems from the requirement for an attacker to leverage HTTP/3\u0027s early data feature and perform spoofed IP address manipulation to exploit the flaw. As a result, successful exploitation demands specific conditions, including network-level access and manipulation capabilities, which may not be trivial in many environments.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-39321"
        },
        {
          "category": "external",
          "summary": "RHBZ#2296009",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2296009"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-39321",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-39321"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39321",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39321"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/releases/tag/v2.11.6",
          "url": "https://github.com/traefik/traefik/releases/tag/v2.11.6"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/releases/tag/v3.0.4",
          "url": "https://github.com/traefik/traefik/releases/tag/v3.0.4"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/releases/tag/v3.1.0-rc3",
          "url": "https://github.com/traefik/traefik/releases/tag/v3.1.0-rc3"
        },
        {
          "category": "external",
          "summary": "https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9",
          "url": "https://github.com/traefik/traefik/security/advisories/GHSA-gxrv-wf35-62w9"
        }
      ],
      "release_date": "2024-07-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "traefik: Bypassing IP allow-lists via HTTP/3 early data requests in QUIC 0-RTT handshakes"
    },
    {
      "cve": "CVE-2024-45338",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2024-12-18T21:00:59.938173+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2333122"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "RHBZ#2333122",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/637536",
          "url": "https://go.dev/cl/637536"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/70906",
          "url": "https://go.dev/issue/70906"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
          "url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3333",
          "url": "https://pkg.go.dev/vuln/GO-2024-3333"
        }
      ],
      "release_date": "2024-12-18T20:38:22.660000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
    },
    {
      "cve": "CVE-2025-9287",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-08-20T22:00:53.821394+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2389932"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "An improper input validation vulnerability was found in the cipher-base npm package. Missing input type checks in the polyfill of the Node.js `createHash` function result in invalid\u00a0value calculations,\u00a0hanging and\u00a0rewinding the\u00a0hash state, including\u00a0turning a tagged hash\u00a0into an untagged\u00a0hash, for malicious JSON-stringifyable\u00a0inputs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "cipher-base: Cipher-base hash manipulation",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "RHBZ#2389932",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389932"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9287"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/cipher-base/pull/23",
          "url": "https://github.com/browserify/cipher-base/pull/23"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc",
          "url": "https://github.com/browserify/cipher-base/security/advisories/GHSA-cpq7-6gpm-g9rc"
        }
      ],
      "release_date": "2025-08-20T21:43:56.548000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "cipher-base: Cipher-base hash manipulation"
    },
    {
      "cve": "CVE-2025-9288",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2025-08-20T23:00:56.263191+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2389980"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in sha.js, where the hashing implementation does not perform sufficient input type validation. The .update() function accepts arbitrary objects, including those with crafted length properties, which can alter the internal state machine of the hashing process. This flaw may result in unexpected behavior such as rewinding the hash state, producing inconsistent digest outputs, or entering invalid processing loops. The issue was introduced due to the reliance on JavaScript object coercion rules rather than enforcing strict buffer or string inputs.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "sha.js: Missing type checks leading to hash rewind and passing on crafted data",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability was marked as Important rather then Critical because while the lack of input type checks in sha.js allows for hash state rewinding, crafted collisions, and potential denial of service, the vulnerability requires highly specific crafted input objects that are unlikely to occur in typical real-world usage, especially since most applications pass well-formed strings or buffers to hashing functions. Moreover, the cryptographic breakages described, such as nonce reuse leading to private key extraction, are indirect and depend on downstream libraries misusing sha.js for sensitive operations without additional validation layers. As a result, the flaw significantly undermines correctness and robustness of the hashing API, but its exploitability in common production systems is constrained, which could justify viewing it as an Important vulnerability rather than a Critical one.\n\n\nThe flaw requires applications to pass attacker-controlled, non-standard JavaScript objects into hash.update(). Most real-world Node.js applications and libraries already use Buffer, TypedArray, or String inputs, which are unaffected. Furthermore, Node\u2019s built-in crypto module, which is widely adopted, enforces stricter type-checking and is not impacted. As a result, the vulnerability mainly threatens projects that (a) directly depend on sha.js for cryptographically sensitive operations, and (b) hash untrusted input without type validation.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "RHBZ#2389980",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389980"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9288",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9288"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/sha.js/pull/78",
          "url": "https://github.com/browserify/sha.js/pull/78"
        },
        {
          "category": "external",
          "summary": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5",
          "url": "https://github.com/browserify/sha.js/security/advisories/GHSA-95m3-7q98-8xr5"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-9287",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-9287"
        }
      ],
      "release_date": "2025-08-20T21:59:44.728000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "sha.js: Missing type checks leading to hash rewind and passing on crafted data"
    },
    {
      "cve": "CVE-2025-48385",
      "cwe": {
        "id": "CWE-88",
        "name": "Improper Neutralization of Argument Delimiters in a Command (\u0027Argument Injection\u0027)"
      },
      "discovery_date": "2025-07-08T19:00:55.106787+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2378808"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A bundled uri handling flaw was found in Git. When cloning a repository, Git knows to optionally fetch a bundle advertised by the remote server, which allows the server side to offload parts of the clone to a CDN. The Git client does not perform sufficient validation of the advertised bundles, which allows the remote side to perform protocol injection.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "git: Git arbitrary file writes",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability marked as Important rather than a Moderate flaw because it enables protocol injection at the transport layer of Git\u0027s bundle-uri mechanism, allowing a remote server to manipulate how and where data is written on the client system during a clone operation. The lack of input sanitization on user-controlled values like the URI and target path means that malformed inputs containing spaces or newlines can break protocol framing, leading to arbitrary file writes. In scenarios such as CI pipelines, developer environments, or recursive clones with submodules, an attacker can exploit this to overwrite critical files or inject malicious content, potentially achieving remote code execution (RCE).",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-48385"
        },
        {
          "category": "external",
          "summary": "RHBZ#2378808",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2378808"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-48385",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-48385"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48385",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48385"
        },
        {
          "category": "external",
          "summary": "https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655",
          "url": "https://github.com/git/git/security/advisories/GHSA-m98c-vgpc-9655"
        }
      ],
      "release_date": "2025-07-08T18:23:44.405000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "git: Git arbitrary file writes"
    },
    {
      "cve": "CVE-2025-48387",
      "cwe": {
        "id": "CWE-22",
        "name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
      },
      "discovery_date": "2025-06-02T20:00:45.526571+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2369875"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in tar-fs. This vulnerability allows files to be written outside the intended extraction directory via specially crafted tar archives. The issue arises from insufficient path validation during tarball extraction, potentially enabling path traversal attacks that can overwrite arbitrary files on the system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in tar-fs is Important not a moderate flaw, primarily due to its ability to bypass directory confinement during tarball extraction. The core issue\u2014path traversal via crafted archive entries\u2014allows attackers to write files outside the intended extraction directory, potentially overwriting system files, configuration files, or injecting malicious scripts into sensitive locations. Unlike moderate flaws that may require specific conditions or user interaction to exploit, this vulnerability can be triggered automatically in server-side environments that extract user-supplied tar files (e.g., CI/CD systems, deployment tools, or file upload handlers). Its exploitation could lead to remote code execution, privilege escalation, or denial of service, depending on the context.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-48387"
        },
        {
          "category": "external",
          "summary": "RHBZ#2369875",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369875"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-48387",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-48387"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-48387",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-48387"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f",
          "url": "https://github.com/mafintosh/tar-fs/commit/647447b572bc135c41035e82ca7b894f02b17f0f"
        },
        {
          "category": "external",
          "summary": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-8cj5-5rvv-wf4v",
          "url": "https://github.com/mafintosh/tar-fs/security/advisories/GHSA-8cj5-5rvv-wf4v"
        }
      ],
      "release_date": "2025-06-02T19:20:18.220000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "tar-fs: tar-fs has issue where extract can write outside the specified dir with a specific tarball"
    },
    {
      "cve": "CVE-2025-52999",
      "cwe": {
        "id": "CWE-121",
        "name": "Stack-based Buffer Overflow"
      },
      "discovery_date": "2025-06-25T18:00:54.693716+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2374804"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A nested data handling flaw was found in Jackson Core. When parsing particularly deeply nested data structures, a StackoverflowError can occur.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le"
        ],
        "known_not_affected": [
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
          "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-52999"
        },
        {
          "category": "external",
          "summary": "RHBZ#2374804",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2374804"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-52999",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-52999"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52999",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52999"
        },
        {
          "category": "external",
          "summary": "https://github.com/FasterXML/jackson-core/pull/943",
          "url": "https://github.com/FasterXML/jackson-core/pull/943"
        },
        {
          "category": "external",
          "summary": "https://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3",
          "url": "https://github.com/FasterXML/jackson-core/security/advisories/GHSA-h46c-h94j-95f3"
        }
      ],
      "release_date": "2025-06-25T17:02:57.428000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-15T16:27:40+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update, refer to: https://access.redhat.com/articles/11258",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:15847"
        },
        {
          "category": "workaround",
          "details": "To mitigate this vulnerability, the recommendation is to avoid parsing input files from untrusted sources that may have excessively deep nested data structures; anything with a depth over 1000.",
          "product_ids": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/idea-rhel9@sha256:df24ebb239a2cc0d4543309f51a7268c7d524d428a536e0b3443c51089c3f87e_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:0dc291e3dc58d285d054a35b480d14c3912777e14fd643915b8ceabd178ad6bf_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:ac5b3e78470c747377dbc9ecb6e0680d724086c331955ed5471b74d01155ece8_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:cd1ee1d15cafe77bbf8e283cee2cde88dcdfb59c9545867a047cf4b42089aa85_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d0b17cb5f9a530ca959058fe926b3f5c42539487e23587d51948f49d7a38cf5d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:2bfe5265856abdd8cb490bde852d4e992f1793684f003d1ef53776fe69d790d7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:32d9568317c55235f75c4d0e1c98de6d4af252cbdd116ed2355025cbaeac862f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:48b99d167a5c54a98e69bba441bb5b70db2ffe065d3f8f8d23ecfed7b813336e_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/code-rhel9@sha256:8b2b33e91756bbd1c7ed6905e00176b9d55a4e13aee2f84862bc571a8a82f113_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:43cdf063e9a6aa5f84233c8bd850a711b5d5fae8a7795803609fec07d189ca05_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:7ad9073c0a768f170cf8d4311ea35ec1caccfdefdf6d1dccbc10ed01cdeafd16_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:934c224a59086c689be1839b6846a0984370a78a8adc8510fa692f5215bb6182_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/configbump-rhel9@sha256:d2bfcb27baf36e569eca4f7c85f458a180d7938616413a4cf8e10cb329e6a150_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:78dabed4a5fc1eb3246778e6ee6e1a543829cf88d0b03f0ccccf101c41a7bdda_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7c98501fee1297a24caa77d325f6bfd7f91192589f0aa22d47d9766e8219c749_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:905d45518e20ea10daa3a35ea2f2201a6f762a16f9b4829ce37b7396d493ac59_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/dashboard-rhel9@sha256:91e064bccc3f7320844763fc136cb4c650db40190e01edebe16135bcc00627ac_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:a48dd94d5616183843ba939146b7e4d985210cdd902038ff80ff6df3df3d74ca_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:2b18f2cf31e0914762cc6e99c9797c24a19db69ca08bc9983bc2aacc85ee7024_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:38c9b56aa9c2a5153e01ffc1edb399247ed1937b9382ac4f0fb2beae4c27f69a_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:59f85768c28401783b9475ce21088e3d8fbf6bcd64bb49e3a243c881ac6b546c_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:f5b515ecaea7d542ac18ea5a056c99fe84ca2ac25fa3904bdc50a78ecf47541f_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8cdf016c4d61bce4f244415ae192fe1647ef517ba1690f2009b5b8e1104c72a7_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:a69c6f8b091d11c69b6864edc6973c6f5f4515eb3a1923bf51fdb971315c28b0_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:ad5f4d1b7f712416bb62785375ce15ef1a5cb3f1a77226899abc8aba32a11623_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:c9808efcb221c10d78bdf663e3b5e3d5d281bf59702be049090fc1fa0511b078_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:13f0ec3ce663f6701501e82bbb508549e149588eedb0982729a59d98c88d0ba0_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:43d9679eb3ac8d5287863137f2d698d814a2fbc2fbd6a6aacba11240cd76d40c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:d23a4d9f0967f53d15fefda63e972e035d23aebe819dd11a6cec9beceacd8997_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e32fc2e1c50fb1110a835e29e6e360b4127ed84fca98c6276b0b171ccd6cb223_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:1168d897f16b276ba5a6e6170e31fbe1499a980666aed493b2fe27036471ba55_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:15300e7d45a8e2093ef6f33303174f7361de7d9b648f8c9f2cf06f8ba3c56c76_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:6ccd50b0049e4ba0f9d4ea8779b17c6acc95395490579fbaa3b9e9084ac7d314_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/openvsx-rhel9@sha256:e762a9019e4b5afd27331ad519a5b63a2bba3c7eb522533e0932e97c2879a36e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:5f4c5323da09593280fc61c2df7fced0f6dc9d3ca322d27069f51334c3d18dae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:918c66e3ea09e481c38673314021ef1aa6b46afc9dcb115b9d19b6819c5db4a7_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:cc4f2ce5926da93eaf81b0935d3171d81a310ec97e3c08bbbf6599752446810d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:f2bcd5123e4fad7aa4ad54f2819a1beb75d844302aa162e0335c1a0191fe5346_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:27b7eef1c64e432dbe15e92cf745a951aebdc9b379d9c02dbfef6df296c39cd1_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:3cfcd5f9ab8ec42cefd8fab992ecb493a9d14126bdf53ba542ffa4b51fd1684c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:641354f1d56627f49af3e32ad963616b69aac644ac33d664e7fe29de32fe43b3_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/server-rhel9@sha256:fa5400aecca1a46c4b98d00c749ea56d6187ced20952f02e4dd1c12e2467117e_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:15a4a74016cdb94aece0bc651edd221b72a9202e5fd414d30ae969707cb5b4c9_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:5361443dee5415dc554d79e2fa23a6b336f1d8ea89fb20a4caa72f70574b939b_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:a152f1e75dd10ba692587a4e702d59cd1c5adcde8b97390f58742270edf85d33_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/traefik-rhel9@sha256:f17428eced9d6bec1eaaa1510b68250824d3ace2f66af7f31fbf7327ca11540c_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:42d8388fafeb7c188b03389c92561da4068f91a8cc2343f33d967939342e4f64_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:a86e59cedc67e9fcee3412afa157572a2ab815a3d9e18da03ada502f7313cc80_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b60b4b992b89b82620e5ea618350a97434b272d1f023200dcbeae642612e3569_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-base-rhel9@sha256:ee9d72769b916b350307df495022e04add1fbcd67c1e62757fd316e7f1dd60ae_ppc64le",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:53618eb41967e64660e87e5ad6ce8f5d9803aed9bb48da8898aaefb4d0a4632d_arm64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:65176a94e684c200beef8f25016982ab212bdcd10d31b54a831310e20c026f77_amd64",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:a4ca99dc99b864ef805f3e8d997f0567168c809433f16ec23540c0b8ead96216_s390x",
            "Red Hat OpenShift Dev Spaces (RHOSDS) 3.23:registry.redhat.io/devspaces/udi-rhel9@sha256:cc31b6212f77e03383e615ee30fd97419806c3841f18d2f6c950d82cdd21e872_ppc64le"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "com.fasterxml.jackson.core/jackson-core: jackson-core Potential StackoverflowError"
    }
  ]
}

RHSA-2025:4240

Vulnerability from csaf_redhat - Published: 2025-04-28 05:29 - Updated: 2026-06-29 08:15

Summary

Red Hat Security Advisory: Updated 6.1 container image is now available in the Red Hat Ecosystem Catalog.

Severity

Important

Notes

Topic: A new container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog.

Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 8.9, 8.10, 9.2 EUS, 9.2, 9.3, 9.4, 9.5. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes: https://docs.redhat.com/en/documentation/red_hat_ceph_storage/6/html/6.1_release_notes/index All users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.

CVE-2023-39325

A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as 'Important' as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit. CVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 18 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2023-45288

A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 18 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x	—	Vendor Fix fix Workaround

Threats

Impact Important

CVE-2024-24789

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 18 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-24790

A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-115 - Misinterpretation of Input

Affected products

Fixed 18 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-34156

A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Fixed 18 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x	—	Vendor Fix fix Workaround

Threats

Impact Important

References

36 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:4240	self
https://access.redhat.com/security/updates/classi…	external
https://access.redhat.com/security/vulnerabilitie…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2023-39325	self
https://bugzilla.redhat.com/show_bug.cgi?id=2243296	external
https://access.redhat.com/security/vulnerabilitie…	external
https://www.cve.org/CVERecord?id=CVE-2023-39325	external
https://nvd.nist.gov/vuln/detail/CVE-2023-39325	external
https://access.redhat.com/security/cve/CVE-2023-44487	external
https://go.dev/issue/63417	external
https://pkg.go.dev/vuln/GO-2023-2102	external
https://www.cisa.gov/news-events/alerts/2023/10/1…	external
https://access.redhat.com/security/cve/CVE-2023-45288	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268273	external
https://www.cve.org/CVERecord?id=CVE-2023-45288	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45288	external
https://nowotarski.info/http2-continuation-flood/	external
https://pkg.go.dev/vuln/GO-2024-2687	external
https://www.kb.cert.org/vuls/id/421644	external
https://access.redhat.com/security/cve/CVE-2024-24789	self
https://bugzilla.redhat.com/show_bug.cgi?id=2292668	external
https://www.cve.org/CVERecord?id=CVE-2024-24789	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24789	external
https://access.redhat.com/security/cve/CVE-2024-24790	self
https://bugzilla.redhat.com/show_bug.cgi?id=2292787	external
https://www.cve.org/CVERecord?id=CVE-2024-24790	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24790	external
https://access.redhat.com/security/cve/CVE-2024-34156	self
https://bugzilla.redhat.com/show_bug.cgi?id=2310528	external
https://www.cve.org/CVERecord?id=CVE-2024-34156	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34156	external
https://go.dev/cl/611239	external
https://go.dev/issue/69139	external
https://groups.google.com/g/golang-dev/c/S9POB9NCTdk	external
https://pkg.go.dev/vuln/GO-2024-3106	external

Acknowledgments

nowotarski.info Bartek Nowotarski

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A new container image for Red Hat Ceph Storage 6.1 is now available in the  Red Hat Ecosystem Catalog.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services.\n \nThis new container image is based on Red Hat Ceph Storage 6.1 and Red Hat Enterprise Linux 8.9, 8.10, 9.2 EUS, 9.2, 9.3, 9.4, 9.5.\n \nSpace precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:\n \nhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/6/html/6.1_release_notes/index\n \nAll users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:4240",
        "url": "https://access.redhat.com/errata/RHSA-2025:4240"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003",
        "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_4240.json"
      }
    ],
    "title": "Red Hat Security Advisory: Updated 6.1 container image is now available in the Red Hat Ecosystem Catalog.",
    "tracking": {
      "current_release_date": "2026-06-29T08:15:35+00:00",
      "generator": {
        "date": "2026-06-29T08:15:35+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.2.6"
        }
      },
      "id": "RHSA-2025:4240",
      "initial_release_date": "2025-04-28T05:29:21+00:00",
      "revision_history": [
        {
          "date": "2025-04-28T05:29:21+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-04-28T05:29:21+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-29T08:15:35+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ceph Storage 6.1 Tools",
                "product": {
                  "name": "Red Hat Ceph Storage 6.1 Tools",
                  "product_id": "9Base-RHCEPH-6.1-Tools",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ceph_storage:6.1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ceph Storage"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
                "product": {
                  "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
                  "product_id": "rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-dashboard-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
                  "product_id": "rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-1745816949"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v2.4.0-40"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
                "product": {
                  "name": "rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
                  "product_id": "rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-1745816965"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-1745816915"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
                  "product_id": "rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-dashboard-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
                  "product_id": "rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-1745816949"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v2.4.0-40"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
                  "product_id": "rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-1745816965"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-1745816915"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
                "product": {
                  "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
                  "product_id": "rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-dashboard-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
                  "product_id": "rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-1745816949"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v2.4.0-40"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
                "product": {
                  "name": "rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
                  "product_id": "rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-6-rhel9\u0026tag=latest"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-1745816965"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-1745816915"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le"
        },
        "product_reference": "rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x"
        },
        "product_reference": "rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64"
        },
        "product_reference": "rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le"
        },
        "product_reference": "rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64"
        },
        "product_reference": "rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x"
        },
        "product_reference": "rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64 as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x as a component of Red Hat Ceph Storage 6.1 Tools",
          "product_id": "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-6.1-Tools"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-39325",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2023-10-10T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2243296"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in handling multiplexed streams in the HTTP/2 protocol. A client can repeatedly make a request for a new multiplex stream and immediately send an RST_STREAM frame to cancel it. This creates extra work for the server setting up and tearing down the streams while not hitting any server-side limit for the maximum number of active streams per connection, resulting in a denial of service due to server resource consumption. Red Hat has rated the severity of this flaw as \u0027Important\u0027 as the US Cybersecurity and Infrastructure Security Agency (CISA) declared this vulnerability an active exploit.\r\n\r\nCVE-2023-39325 was assigned for the `Rapid Reset Attack` in the Go language packages.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE is related to CVE-2023-44487.\n\nThe majority of RHEL utilities are not long-running applications; instead, they are command-line tools. These tools utilize Golang package as build-time dependency, which is why they are classified as having a \"Moderate\" level of impact.\n\nAs go-lang vendors its dependencies, a package may contain a library with a known vulnerability, solely because of lower tier libraries including it as a part of its dependencies, but the vulnerable code is not reachable at runtime. In such cases the issue is not exploitable. We classify these situations as \u201cNot affected\u201d or \u201cWill not fix,\u201d depending on the risk of breaking other unrelated packages.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "RHBZ#2243296",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243296"
        },
        {
          "category": "external",
          "summary": "RHSB-2023-003",
          "url": "https://access.redhat.com/security/vulnerabilities/RHSB-2023-003"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-39325",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39325"
        },
        {
          "category": "external",
          "summary": "https://access.redhat.com/security/cve/CVE-2023-44487",
          "url": "https://access.redhat.com/security/cve/CVE-2023-44487"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/63417",
          "url": "https://go.dev/issue/63417"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2023-2102",
          "url": "https://pkg.go.dev/vuln/GO-2023-2102"
        },
        {
          "category": "external",
          "summary": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487",
          "url": "https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487"
        }
      ],
      "release_date": "2023-10-10T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-04-28T05:29:21+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4240"
        },
        {
          "category": "workaround",
          "details": "The default stream concurrency limit in golang is 250 streams (requests) per HTTP/2 connection. This value may be adjusted in the golang.org/x/net/http2 package using the Server.MaxConcurrentStreams setting and the ConfigureServer function which are available in golang.org/x/net/http2.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Bartek Nowotarski"
          ],
          "organization": "nowotarski.info"
        }
      ],
      "cve": "CVE-2023-45288",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268273"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or  significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268273",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "https://nowotarski.info/http2-continuation-flood/",
          "url": "https://nowotarski.info/http2-continuation-flood/"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2687",
          "url": "https://pkg.go.dev/vuln/GO-2024-2687"
        },
        {
          "category": "external",
          "summary": "https://www.kb.cert.org/vuls/id/421644",
          "url": "https://www.kb.cert.org/vuls/id/421644"
        }
      ],
      "release_date": "2024-04-03T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-04-28T05:29:21+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4240"
        },
        {
          "category": "workaround",
          "details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
    },
    {
      "cve": "CVE-2024-24789",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-06-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292668"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: archive/zip: Incorrect handling of certain ZIP files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292668",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
        }
      ],
      "release_date": "2024-06-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-04-28T05:29:21+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4240"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: archive/zip: Incorrect handling of certain ZIP files"
    },
    {
      "cve": "CVE-2024-24790",
      "cwe": {
        "id": "CWE-115",
        "name": "Misinterpretation of Input"
      },
      "discovery_date": "2024-06-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292787"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292787",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
        }
      ],
      "release_date": "2024-06-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-04-28T05:29:21+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4240"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
    },
    {
      "cve": "CVE-2024-34156",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2024-09-06T21:20:09.377905+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2310528"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
          "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
          "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "RHBZ#2310528",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/611239",
          "url": "https://go.dev/cl/611239"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/69139",
          "url": "https://go.dev/issue/69139"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
          "url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3106",
          "url": "https://pkg.go.dev/vuln/GO-2024-3106"
        }
      ],
      "release_date": "2024-09-06T21:15:12.020000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-04-28T05:29:21+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:4240"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:1c95dcc53d4cc7c694e5a11f7b39b6476d90cf3708358a1cc65f72ec0d38c46c_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:54cc52c368304c72657c43fb82142a7a9a5160cc3a6f244052bfdd5261ea99fd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/keepalived-rhel9@sha256:c3b6856a4d946ec48d8c60d15faf95123268b1b73bc1a01510fc40a04274ec06_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:5ecf105bc936d0c37346e1091af73bca69f9c07e226ccd87290a22ec1d37d1a3_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:6556cb524258d4066898583912e167c311d3f4224e002eda0d78c061addb4aa5_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-dashboard-rhel9@sha256:7c48e5f5655db34fa346aed3a7a7e8e109c0d4f40c820f109494daf81046d791_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:5e300275660b37e5017b2fd3f614adb2ae96d59e434ea931ce2778aa5f51fd06_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:6158d287db74defd81c382f5f2c3304ee730064bdc9823dee440dbb325b2e5c8_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-6-rhel9@sha256:c7194cc27e4be27a21369eaf28b7481f0133db221a6f0781ffcb2d9ca947e0db_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:615a46aeac92682b400010a81afcc7b69cb506bee102c69dfd94d43423db1853_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:63db781d5e639ea19a72f2cde5d47dea7fe0afe5206e6ebe476052563eb6a3cd_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:862fed90f9699602ebd5858fc04377d87c3f30c826847f3e0a61d48c49e162f1_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:5f55baba4c52c19c4d28faf0cf5dee64720d6e49c8081ccd38574d7c2960a98b_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:b0d41dceb48071c537314247409226329f55cc2bd9b902066ca065f73e017b8f_s390x",
            "9Base-RHCEPH-6.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:c9cb503a6216553906461e897adbd3410b1cdf1876b56b0d6ce179f6851cfbbc_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:14dc3601abdef2e5334372ab553abb47300ca61245fc50193e48213a82211a45_amd64",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4fbb6836a47696dde61e2235666f4d0d8b32ed63772958407c30385b741626da_ppc64le",
            "9Base-RHCEPH-6.1-Tools:rhceph/snmp-notifier-rhel9@sha256:e3a49a1c07604fa64a5970403841ea9cddec05e5d9b558c5681e3ade60ab38ea_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
    }
  ]
}

RHSA-2025:9776

Vulnerability from csaf_redhat - Published: 2025-06-26 12:12 - Updated: 2026-06-29 08:15

Summary

Red Hat Security Advisory: New RHCS 8.1 container image is now available in the Red Hat Ecosystem Catalog.

Severity

Important

Notes

Topic: A new container image for Red Hat Ceph Storage 8.1 is now available in the Red Hat Ecosystem Catalog.

Details: Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. This new container image is based on Red Hat Ceph Storage 8.1 and Red Hat Enterprise Linux 8.10, 9.5, 9.6. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes: https://docs.redhat.com/en/documentation/red_hat_ceph_storage/8/html/8.1_release_notes All users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.

CVE-2022-23491

A flaw was found in python-certifi. Untrusted certificates from TrustCor have been found in the root certificates store.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-345 - Insufficient Verification of Data Authenticity

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2023-45290

A flaw was discovered in Go's net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE-20 - Improper Input Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-6104

A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.

6.0 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CWE-532 - Insertion of Sensitive Information into Log File

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-24783

A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

CWE-295 - Improper Certificate Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-24784

A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.

5.4 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CWE-115 - Misinterpretation of Input

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-24785

A flaw was found in Go's html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE-74 - Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-24786

A flaw was found in Golang's protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-24788

A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-24789

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CWE-20 - Improper Input Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix

Threats

Impact Moderate

CVE-2024-24790

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-115 - Misinterpretation of Input

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-24791

A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-20 - Improper Input Validation

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-34155

A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2024-34156

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-674 - Uncontrolled Recursion

Affected products

Fixed 27 products

Product	Version	Remediation
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x	—	Vendor Fix fix Workaround

Threats

Impact Important

References

84 references

URL	Category
https://access.redhat.com/errata/RHSA-2025:9776	self
https://access.redhat.com/security/updates/classi…	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2022-23491	self
https://bugzilla.redhat.com/show_bug.cgi?id=2180089	external
https://www.cve.org/CVERecord?id=CVE-2022-23491	external
https://nvd.nist.gov/vuln/detail/CVE-2022-23491	external
https://github.com/certifi/python-certifi/securit…	external
https://access.redhat.com/security/cve/CVE-2023-45290	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268017	external
https://www.cve.org/CVERecord?id=CVE-2023-45290	external
https://nvd.nist.gov/vuln/detail/CVE-2023-45290	external
http://www.openwall.com/lists/oss-security/2024/03/08/4	external
https://go.dev/cl/569341	external
https://go.dev/issue/65383	external
https://groups.google.com/g/golang-announce/c/5pw…	external
https://pkg.go.dev/vuln/GO-2024-2599	external
https://security.netapp.com/advisory/ntap-20240329-0004	external
https://access.redhat.com/security/cve/CVE-2024-6104	self
https://bugzilla.redhat.com/show_bug.cgi?id=2294000	external
https://www.cve.org/CVERecord?id=CVE-2024-6104	external
https://nvd.nist.gov/vuln/detail/CVE-2024-6104	external
https://access.redhat.com/security/cve/CVE-2024-24783	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268019	external
https://www.cve.org/CVERecord?id=CVE-2024-24783	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24783	external
https://github.com/advisories/GHSA-3q2c-pvp5-3cqp	external
https://go.dev/cl/569339	external
https://go.dev/issue/65390	external
https://pkg.go.dev/vuln/GO-2024-2598	external
https://security.netapp.com/advisory/ntap-20240329-0005	external
https://access.redhat.com/security/cve/CVE-2024-24784	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268021	external
https://www.cve.org/CVERecord?id=CVE-2024-24784	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24784	external
https://access.redhat.com/security/cve/CVE-2024-24785	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268022	external
https://www.cve.org/CVERecord?id=CVE-2024-24785	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24785	external
https://go.dev/cl/564196	external
https://go.dev/issue/65697	external
https://vuln.go.dev/ID/GO-2024-2610.json	external
https://access.redhat.com/security/cve/CVE-2024-24786	self
https://bugzilla.redhat.com/show_bug.cgi?id=2268046	external
https://www.cve.org/CVERecord?id=CVE-2024-24786	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24786	external
https://go.dev/cl/569356	external
https://groups.google.com/g/golang-announce/c/ArQ…	external
https://pkg.go.dev/vuln/GO-2024-2611	external
https://access.redhat.com/security/cve/CVE-2024-24788	self
https://bugzilla.redhat.com/show_bug.cgi?id=2279814	external
https://www.cve.org/CVERecord?id=CVE-2024-24788	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24788	external
https://pkg.go.dev/vuln/GO-2024-2824	external
https://access.redhat.com/security/cve/CVE-2024-24789	self
https://bugzilla.redhat.com/show_bug.cgi?id=2292668	external
https://www.cve.org/CVERecord?id=CVE-2024-24789	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24789	external
https://access.redhat.com/security/cve/CVE-2024-24790	self
https://bugzilla.redhat.com/show_bug.cgi?id=2292787	external
https://www.cve.org/CVERecord?id=CVE-2024-24790	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24790	external
https://access.redhat.com/security/cve/CVE-2024-24791	self
https://bugzilla.redhat.com/show_bug.cgi?id=2295310	external
https://www.cve.org/CVERecord?id=CVE-2024-24791	external
https://nvd.nist.gov/vuln/detail/CVE-2024-24791	external
https://go.dev/cl/591255	external
https://go.dev/issue/67555	external
https://groups.google.com/g/golang-dev/c/t0rK-qHB…	external
https://access.redhat.com/security/cve/CVE-2024-34155	self
https://bugzilla.redhat.com/show_bug.cgi?id=2310527	external
https://www.cve.org/CVERecord?id=CVE-2024-34155	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34155	external
https://go.dev/cl/611238	external
https://go.dev/issue/69138	external
https://groups.google.com/g/golang-dev/c/S9POB9NCTdk	external
https://pkg.go.dev/vuln/GO-2024-3105	external
https://access.redhat.com/security/cve/CVE-2024-34156	self
https://bugzilla.redhat.com/show_bug.cgi?id=2310528	external
https://www.cve.org/CVERecord?id=CVE-2024-34156	external
https://nvd.nist.gov/vuln/detail/CVE-2024-34156	external
https://go.dev/cl/611239	external
https://go.dev/issue/69139	external
https://pkg.go.dev/vuln/GO-2024-3106	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "A new container image for Red Hat Ceph Storage 8.1 is now available in the Red Hat Ecosystem Catalog.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. \n \nThis new container image is based on Red Hat Ceph Storage 8.1 and Red Hat Enterprise Linux 8.10, 9.5, 9.6. \n \nSpace precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Ceph Storage Release Notes for information on the most significant of these changes:\n\nhttps://docs.redhat.com/en/documentation/red_hat_ceph_storage/8/html/8.1_release_notes\n\nAll users of Red Hat Ceph Storage are advised to pull these new images from the Red Hat Ecosystem catalog, which provides numerous enhancements and bug fixes.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:9776",
        "url": "https://access.redhat.com/errata/RHSA-2025:9776"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_9776.json"
      }
    ],
    "title": "Red Hat Security Advisory: New RHCS 8.1 container image is now available in the Red Hat Ecosystem Catalog.",
    "tracking": {
      "current_release_date": "2026-06-29T08:15:36+00:00",
      "generator": {
        "date": "2026-06-29T08:15:36+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "5.2.6"
        }
      },
      "id": "RHSA-2025:9776",
      "initial_release_date": "2025-06-26T12:12:44+00:00",
      "revision_history": [
        {
          "date": "2025-06-26T12:12:44+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-06-26T12:12:44+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-29T08:15:36+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Ceph Storage 8.1 Tools",
                "product": {
                  "name": "Red Hat Ceph Storage 8.1 Tools",
                  "product_id": "9Base-RHCEPH-8.1-Tools",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:ceph_storage:8.1::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Ceph Storage"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
                "product": {
                  "name": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
                  "product_id": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
                  "product_id": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
                "product": {
                  "name": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
                  "product_id": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-34"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
                  "product_id": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
                "product": {
                  "name": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
                  "product_id": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
                  "product_id": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
                "product": {
                  "name": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
                  "product_id": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-34"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
                "product": {
                  "name": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
                  "product_id": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2?arch=amd64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "amd64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
                "product": {
                  "name": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
                  "product_id": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
                  "product_id": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
                "product": {
                  "name": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
                  "product_id": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
                "product": {
                  "name": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
                  "product_id": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-promtail-rhel9\u0026tag=v3.0.0-34"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
                "product": {
                  "name": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
                  "product_id": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06?arch=s390x\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
                "product": {
                  "name": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
                  "product_id": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/grafana-rhel9\u0026tag=11.5.2-6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
                "product": {
                  "name": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
                  "product_id": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/keepalived-rhel9\u0026tag=2.2.8-65"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
                "product": {
                  "name": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
                  "product_id": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/oauth2-proxy-rhel9\u0026tag=v7.6.0-27"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
                "product": {
                  "name": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
                  "product_id": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/rhceph-8-rhel9\u0026tag=8-492"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
                "product": {
                  "name": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
                  "product_id": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/rhceph-haproxy-rhel9\u0026tag=2.4.22-67"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
                "product": {
                  "name": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
                  "product_id": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
                  "product_identification_helper": {
                    "purl": "pkg:oci/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74?arch=arm64\u0026repository_url=registry.redhat.io/rhceph/snmp-notifier-rhel9\u0026tag=1.2.1-115"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "arm64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le"
        },
        "product_reference": "rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64"
        },
        "product_reference": "rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x"
        },
        "product_reference": "rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64"
        },
        "product_reference": "rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x"
        },
        "product_reference": "rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64"
        },
        "product_reference": "rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x"
        },
        "product_reference": "rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64"
        },
        "product_reference": "rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le"
        },
        "product_reference": "rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x"
        },
        "product_reference": "rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64"
        },
        "product_reference": "rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le"
        },
        "product_reference": "rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64"
        },
        "product_reference": "rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64"
        },
        "product_reference": "rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le"
        },
        "product_reference": "rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64 as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x as a component of Red Hat Ceph Storage 8.1 Tools",
          "product_id": "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        },
        "product_reference": "rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x",
        "relates_to_product_reference": "9Base-RHCEPH-8.1-Tools"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-23491",
      "cwe": {
        "id": "CWE-345",
        "name": "Insufficient Verification of Data Authenticity"
      },
      "discovery_date": "2023-03-16T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2180089"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in python-certifi. Untrusted certificates from TrustCor have been found in the root certificates store.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "python-certifi: untrusted root certificates",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Satellite is not vulnerable to this flaw as it ships a build of python-certifi that is patched to use system certs from /etc/pki/tls/certs/ca-bundle.crt.Redhat has rated this CVE as moderate because most redhat products use system-wide root CA certificate bundle instead of certifi bundle.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2022-23491"
        },
        {
          "category": "external",
          "summary": "RHBZ#2180089",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180089"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2022-23491",
          "url": "https://www.cve.org/CVERecord?id=CVE-2022-23491"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23491"
        },
        {
          "category": "external",
          "summary": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8",
          "url": "https://github.com/certifi/python-certifi/security/advisories/GHSA-43fp-rhv2-5gv8"
        }
      ],
      "release_date": "2022-12-07T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "python-certifi: untrusted root certificates"
    },
    {
      "cve": "CVE-2023-45290",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-03-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268017"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2023-45290"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268017",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
          "url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
          "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/569341",
          "url": "https://go.dev/cl/569341"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/65383",
          "url": "https://go.dev/issue/65383"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
          "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2599",
          "url": "https://pkg.go.dev/vuln/GO-2024-2599"
        },
        {
          "category": "external",
          "summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
          "url": "https://security.netapp.com/advisory/ntap-20240329-0004"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
    },
    {
      "cve": "CVE-2024-6104",
      "cwe": {
        "id": "CWE-532",
        "name": "Insertion of Sensitive Information into Log File"
      },
      "discovery_date": "2024-06-24T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2294000"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A vulnerability was found in go-retryablehttp. The package may suffer from a lack of input sanitization by not cleaning up URL data when writing to the logs. This issue could expose sensitive authentication information.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "go-retryablehttp: url might write sensitive information to log file",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-6104"
        },
        {
          "category": "external",
          "summary": "RHBZ#2294000",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294000"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-6104",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-6104"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6104",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6104"
        }
      ],
      "release_date": "2024-06-24T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "go-retryablehttp: url might write sensitive information to log file"
    },
    {
      "cve": "CVE-2024-24783",
      "cwe": {
        "id": "CWE-295",
        "name": "Improper Certificate Validation"
      },
      "discovery_date": "2024-03-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268019"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24783"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268019",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
        },
        {
          "category": "external",
          "summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
          "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
          "url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/569339",
          "url": "https://go.dev/cl/569339"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/65390",
          "url": "https://go.dev/issue/65390"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
          "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2598",
          "url": "https://pkg.go.dev/vuln/GO-2024-2598"
        },
        {
          "category": "external",
          "summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
          "url": "https://security.netapp.com/advisory/ntap-20240329-0005"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
    },
    {
      "cve": "CVE-2024-24784",
      "cwe": {
        "id": "CWE-115",
        "name": "Misinterpretation of Input"
      },
      "discovery_date": "2024-03-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268021"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go\u0027s net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/mail: comments in display names are incorrectly handled",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24784"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268021",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24784",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/mail: comments in display names are incorrectly handled"
    },
    {
      "cve": "CVE-2024-24785",
      "cwe": {
        "id": "CWE-74",
        "name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
      },
      "discovery_date": "2024-03-05T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268022"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go\u0027s html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: html/template: errors returned from MarshalJSON methods may break template escaping",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24785"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268022",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24785",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/564196",
          "url": "https://go.dev/cl/564196"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/65697",
          "url": "https://go.dev/issue/65697"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
          "url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
        },
        {
          "category": "external",
          "summary": "https://vuln.go.dev/ID/GO-2024-2610.json",
          "url": "https://vuln.go.dev/ID/GO-2024-2610.json"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: html/template: errors returned from MarshalJSON methods may break template escaping"
    },
    {
      "cve": "CVE-2024-24786",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-03-06T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2268046"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang\u0027s protobuf module, where the unmarshal function can enter an infinite loop when processing certain invalid inputs. This issue occurs during unmarshaling into a message that includes a google.protobuf.Any or when the UnmarshalOptions.DiscardUnknown option is enabled. This flaw allows an attacker to craft malicious input tailored to trigger the identified flaw in the unmarshal function. By providing carefully constructed invalid inputs, they could potentially cause the function to enter an infinite loop, resulting in a denial of service condition or other unintended behaviors in the affected system.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "RHBZ#2268046",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268046"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24786",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24786"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/569356",
          "url": "https://go.dev/cl/569356"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/",
          "url": "https://groups.google.com/g/golang-announce/c/ArQ6CDgtEjY/"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2611",
          "url": "https://pkg.go.dev/vuln/GO-2024-2611"
        }
      ],
      "release_date": "2024-03-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang-protobuf: encoding/protojson, internal/encoding/json: infinite loop in protojson.Unmarshal when unmarshaling certain forms of invalid JSON"
    },
    {
      "cve": "CVE-2024-24788",
      "cwe": {
        "id": "CWE-835",
        "name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
      },
      "discovery_date": "2024-05-09T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2279814"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net: malformed DNS message can cause infinite loop",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24788"
        },
        {
          "category": "external",
          "summary": "RHBZ#2279814",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-2824",
          "url": "https://pkg.go.dev/vuln/GO-2024-2824"
        }
      ],
      "release_date": "2024-05-08T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net: malformed DNS message can cause infinite loop"
    },
    {
      "cve": "CVE-2024-24789",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-06-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292668"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: archive/zip: Incorrect handling of certain ZIP files",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292668",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
        }
      ],
      "release_date": "2024-06-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: archive/zip: Incorrect handling of certain ZIP files"
    },
    {
      "cve": "CVE-2024-24790",
      "cwe": {
        "id": "CWE-115",
        "name": "Misinterpretation of Input"
      },
      "discovery_date": "2024-06-17T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2292787"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "RHBZ#2292787",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
        }
      ],
      "release_date": "2024-06-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
    },
    {
      "cve": "CVE-2024-24791",
      "cwe": {
        "id": "CWE-20",
        "name": "Improper Input Validation"
      },
      "discovery_date": "2024-07-02T00:00:00+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2295310"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "net/http: Denial of service due to improper 100-continue handling in net/http",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-24791"
        },
        {
          "category": "external",
          "summary": "RHBZ#2295310",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/591255",
          "url": "https://go.dev/cl/591255"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/67555",
          "url": "https://go.dev/issue/67555"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
          "url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
        }
      ],
      "release_date": "2024-07-02T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "net/http: Denial of service due to improper 100-continue handling in net/http"
    },
    {
      "cve": "CVE-2024-34155",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2024-09-06T21:20:06.929766+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2310527"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34155"
        },
        {
          "category": "external",
          "summary": "RHBZ#2310527",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/611238",
          "url": "https://go.dev/cl/611238"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/69138",
          "url": "https://go.dev/issue/69138"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
          "url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3105",
          "url": "https://pkg.go.dev/vuln/GO-2024-3105"
        }
      ],
      "release_date": "2024-09-06T21:15:11.947000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
    },
    {
      "cve": "CVE-2024-34156",
      "cwe": {
        "id": "CWE-674",
        "name": "Uncontrolled Recursion"
      },
      "discovery_date": "2024-09-06T21:20:09.377905+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2310528"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
          "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "RHBZ#2310528",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
          "url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/611239",
          "url": "https://go.dev/cl/611239"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/69139",
          "url": "https://go.dev/issue/69139"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
          "url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2024-3106",
          "url": "https://pkg.go.dev/vuln/GO-2024-3106"
        }
      ],
      "release_date": "2024-09-06T21:15:12.020000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-26T12:12:44+00:00",
          "details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/2789521\n\nFor supported configurations, refer to:\n\nhttps://access.redhat.com/articles/1548993",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9776"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:0ce0f0dc070b6a3e8bbea15f62d4abd713e2b4233d4d5413cfa232e86fc8cd34_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:2f3593633800e8d09f96a28892e2fb1a11a22e92d85233a8c4740ee06727eafc_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:7602811891a649c8c2a1a97dbd22ff0d235bceeaec69e724c1e6a237175f9427_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/grafana-rhel9@sha256:a8f5dacb3d12ed3e7f65cefc30fdd2f946256d6f2e638a87c1560643327fbe07_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:31b50dc109ed8250673bb1f32c57f8979d6e604ff3204050504a31755241240a_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:42a7329701d51049a318b3de4a1601d4d612a0076ac91e934322890b68337d43_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:61d686df696d549d714efe63b23990d696b15c5bc0f9a105837fea191f63bf75_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/keepalived-rhel9@sha256:b6e7648e3d3082fe9a0b526f716ab9ea087935e982794bf22627c2b708463333_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:179b92c189dc97cb73c00844fb58e59f1a3b434f3e3e52471bb3a12a8b1c0a92_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:1d74f24b455f471a80593c65735288f0c24ba820bed1bb45ea62e02c6ca21b92_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:bd593607b20997448e75c2cd7c5f1be95ce822a8ecfce6fb79de031a27880671_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/oauth2-proxy-rhel9@sha256:c6dec2f2200128a260c1c8e3d04105c6cc72b9f92fc84fa8f2dcb75a51ba3c97_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:04a10d4c7b05974dfb2836388aeef65dd2b6451997b627b68d4ea3d3ee330f24_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:20a6bb51cc2ad40eff6e31674d9ebf80279322de2daa58fa83dbf98b0438625c_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3a0a175d4cf85f149b33135a55f0f1c61a97c514b97ec70f653932c774c20eaf_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-8-rhel9@sha256:3b3aa3ec99316b78217396b29a63d4eadb508232e3d69c6bcd4e4ee901003ba2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:6b625192b4a477e36bb34bfbc366e7d17195265a7d2f3923735b06ecd1dc07a2_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:887b2b34e5461d3fd48e534c4fe1f2df349a3948f79e9def7b1c72de2c20cf5c_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:d9f5c146b156760f1d00e19e6816020990b17bdf8c6849421cd3d2996e60b7ee_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-haproxy-rhel9@sha256:ecc791e89ebf6320345e227f9652e83aac583a430905d09cd11f5c5f366f6d5e_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:7c4e5dd98dc05d31f134cfa4d5d440badc5a351e7c89dd13f17a5a9cf730f1c9_s390x",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:99cdaa49b634f8353a65645af597ec931b502e8f0230d6cb83dbde5ec1ee8ef9_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/rhceph-promtail-rhel9@sha256:cead10daa28adb2f78a2fac3915afb0d677239da623aecf802750c35dca2c433_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:010c445a177724925666188b81b53f62f1369ca5ea20fbc3c7fe1146426df2a2_amd64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:4e631ea10d245c1cff2324c01ba3842f44bc0925165eed8eaeb2d10259d59e14_ppc64le",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:c7a1ccdc359ad2bc1406cf3406c4d43a4249bec2c84045959ceccd523109ad74_arm64",
            "9Base-RHCEPH-8.1-Tools:rhceph/snmp-notifier-rhel9@sha256:d604a03d3a4cb2019b0b18e7d19173a54555de487ee333c2b9f137331c29ce06_s390x"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
    }
  ]
}

SUSE-SU-2024:1935-1

Vulnerability from csaf_suse - Published: 2024-06-07 08:25 - Updated: 2024-06-07 08:25

Summary

Security update for go1.22

Severity

Moderate

Notes

Title of the patch: Security update for go1.22

Description of the patch: This update for go1.22 fixes the following issues: go1.21.11 release (bsc#1212475). - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973). - CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (bsc#1225974).

Patchnames: SUSE-2024-1935,SUSE-SLE-SDK-12-SP5-2024-1935

CVE-2024-24789

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24790

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

13 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2024…	self
https://bugzilla.suse.com/1218424	self
https://bugzilla.suse.com/1225973	self
https://bugzilla.suse.com/1225974	self
https://www.suse.com/security/cve/CVE-2024-24789/	self
https://www.suse.com/security/cve/CVE-2024-24790/	self
https://www.suse.com/security/cve/CVE-2024-24789	external
https://bugzilla.suse.com/1225973	external
https://www.suse.com/security/cve/CVE-2024-24790	external
https://bugzilla.suse.com/1225974	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.22",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.22 fixes the following issues:\n\ngo1.21.11 release (bsc#1212475).\n\n- CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973).\n- CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (bsc#1225974).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1935,SUSE-SLE-SDK-12-SP5-2024-1935",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1935-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1935-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241935-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1935-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035488.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1218424",
        "url": "https://bugzilla.suse.com/1218424"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225973",
        "url": "https://bugzilla.suse.com/1225973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225974",
        "url": "https://bugzilla.suse.com/1225974"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24789 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24790 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24790/"
      }
    ],
    "title": "Security update for go1.22",
    "tracking": {
      "current_release_date": "2024-06-07T08:25:49Z",
      "generator": {
        "date": "2024-06-07T08:25:49Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1935-1",
      "initial_release_date": "2024-06-07T08:25:49Z",
      "revision_history": [
        {
          "date": "2024-06-07T08:25:49Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-1.12.1.aarch64",
                "product": {
                  "name": "go1.22-1.22.4-1.12.1.aarch64",
                  "product_id": "go1.22-1.22.4-1.12.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-1.12.1.aarch64",
                "product": {
                  "name": "go1.22-doc-1.22.4-1.12.1.aarch64",
                  "product_id": "go1.22-doc-1.22.4-1.12.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-1.12.1.i586",
                "product": {
                  "name": "go1.22-1.22.4-1.12.1.i586",
                  "product_id": "go1.22-1.22.4-1.12.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-1.12.1.i586",
                "product": {
                  "name": "go1.22-doc-1.22.4-1.12.1.i586",
                  "product_id": "go1.22-doc-1.22.4-1.12.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-1.12.1.ppc64le",
                "product": {
                  "name": "go1.22-1.22.4-1.12.1.ppc64le",
                  "product_id": "go1.22-1.22.4-1.12.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-1.12.1.ppc64le",
                "product": {
                  "name": "go1.22-doc-1.22.4-1.12.1.ppc64le",
                  "product_id": "go1.22-doc-1.22.4-1.12.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-1.12.1.s390x",
                "product": {
                  "name": "go1.22-1.22.4-1.12.1.s390x",
                  "product_id": "go1.22-1.22.4-1.12.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-1.12.1.s390x",
                "product": {
                  "name": "go1.22-doc-1.22.4-1.12.1.s390x",
                  "product_id": "go1.22-doc-1.22.4-1.12.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-1.12.1.x86_64",
                "product": {
                  "name": "go1.22-1.22.4-1.12.1.x86_64",
                  "product_id": "go1.22-1.22.4-1.12.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-1.12.1.x86_64",
                "product": {
                  "name": "go1.22-doc-1.22.4-1.12.1.x86_64",
                  "product_id": "go1.22-doc-1.22.4-1.12.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-1.12.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64"
        },
        "product_reference": "go1.22-1.22.4-1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-1.12.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le"
        },
        "product_reference": "go1.22-1.22.4-1.12.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-1.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x"
        },
        "product_reference": "go1.22-1.22.4-1.12.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-1.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64"
        },
        "product_reference": "go1.22-1.22.4-1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-1.12.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64"
        },
        "product_reference": "go1.22-doc-1.22.4-1.12.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-1.12.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le"
        },
        "product_reference": "go1.22-doc-1.22.4-1.12.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-1.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x"
        },
        "product_reference": "go1.22-doc-1.22.4-1.12.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-1.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64"
        },
        "product_reference": "go1.22-doc-1.22.4-1.12.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24789",
          "url": "https://www.suse.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225973 for CVE-2024-24789",
          "url": "https://bugzilla.suse.com/1225973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-07T08:25:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24789"
    },
    {
      "cve": "CVE-2024-24790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24790",
          "url": "https://www.suse.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225974 for CVE-2024-24790",
          "url": "https://bugzilla.suse.com/1225974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-1.22.4-1.12.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.22-doc-1.22.4-1.12.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-07T08:25:49Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24790"
    }
  ]
}

SUSE-SU-2024:1936-1

Vulnerability from csaf_suse - Published: 2024-06-07 08:26 - Updated: 2024-06-07 08:26

Summary

Security update for go1.21

Severity

Moderate

Notes

Title of the patch: Security update for go1.21

Description of the patch: This update for go1.21 fixes the following issues: go1.21.11 release (bsc#1212475). - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973). - CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (bsc#1225974).

Patchnames: SUSE-2024-1936,SUSE-SLE-SDK-12-SP5-2024-1936

CVE-2024-24789

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24790

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

13 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2024…	self
https://bugzilla.suse.com/1212475	self
https://bugzilla.suse.com/1225973	self
https://bugzilla.suse.com/1225974	self
https://www.suse.com/security/cve/CVE-2024-24789/	self
https://www.suse.com/security/cve/CVE-2024-24790/	self
https://www.suse.com/security/cve/CVE-2024-24789	external
https://bugzilla.suse.com/1225973	external
https://www.suse.com/security/cve/CVE-2024-24790	external
https://bugzilla.suse.com/1225974	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.21",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.21 fixes the following issues:\n\ngo1.21.11 release (bsc#1212475).\n\n- CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973).\n- CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (bsc#1225974).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1936,SUSE-SLE-SDK-12-SP5-2024-1936",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1936-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1936-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241936-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1936-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035487.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1212475",
        "url": "https://bugzilla.suse.com/1212475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225973",
        "url": "https://bugzilla.suse.com/1225973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225974",
        "url": "https://bugzilla.suse.com/1225974"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24789 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24790 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24790/"
      }
    ],
    "title": "Security update for go1.21",
    "tracking": {
      "current_release_date": "2024-06-07T08:26:47Z",
      "generator": {
        "date": "2024-06-07T08:26:47Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1936-1",
      "initial_release_date": "2024-06-07T08:26:47Z",
      "revision_history": [
        {
          "date": "2024-06-07T08:26:47Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-1.36.1.aarch64",
                "product": {
                  "name": "go1.21-1.21.11-1.36.1.aarch64",
                  "product_id": "go1.21-1.21.11-1.36.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-1.36.1.aarch64",
                "product": {
                  "name": "go1.21-doc-1.21.11-1.36.1.aarch64",
                  "product_id": "go1.21-doc-1.21.11-1.36.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-1.36.1.i586",
                "product": {
                  "name": "go1.21-1.21.11-1.36.1.i586",
                  "product_id": "go1.21-1.21.11-1.36.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-1.36.1.i586",
                "product": {
                  "name": "go1.21-doc-1.21.11-1.36.1.i586",
                  "product_id": "go1.21-doc-1.21.11-1.36.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-1.36.1.ppc64le",
                "product": {
                  "name": "go1.21-1.21.11-1.36.1.ppc64le",
                  "product_id": "go1.21-1.21.11-1.36.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-1.36.1.ppc64le",
                "product": {
                  "name": "go1.21-doc-1.21.11-1.36.1.ppc64le",
                  "product_id": "go1.21-doc-1.21.11-1.36.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-1.36.1.s390x",
                "product": {
                  "name": "go1.21-1.21.11-1.36.1.s390x",
                  "product_id": "go1.21-1.21.11-1.36.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-1.36.1.s390x",
                "product": {
                  "name": "go1.21-doc-1.21.11-1.36.1.s390x",
                  "product_id": "go1.21-doc-1.21.11-1.36.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-1.36.1.x86_64",
                "product": {
                  "name": "go1.21-1.21.11-1.36.1.x86_64",
                  "product_id": "go1.21-1.21.11-1.36.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-1.36.1.x86_64",
                "product": {
                  "name": "go1.21-doc-1.21.11-1.36.1.x86_64",
                  "product_id": "go1.21-doc-1.21.11-1.36.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-1.36.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64"
        },
        "product_reference": "go1.21-1.21.11-1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-1.36.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.11-1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-1.36.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x"
        },
        "product_reference": "go1.21-1.21.11-1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-1.36.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64"
        },
        "product_reference": "go1.21-1.21.11-1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-1.36.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.11-1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-1.36.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.11-1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-1.36.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.11-1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-1.36.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.11-1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24789",
          "url": "https://www.suse.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225973 for CVE-2024-24789",
          "url": "https://bugzilla.suse.com/1225973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-07T08:26:47Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24789"
    },
    {
      "cve": "CVE-2024-24790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24790",
          "url": "https://www.suse.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225974 for CVE-2024-24790",
          "url": "https://bugzilla.suse.com/1225974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-1.21.11-1.36.1.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.aarch64",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12 SP5:go1.21-doc-1.21.11-1.36.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-07T08:26:47Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24790"
    }
  ]
}

SUSE-SU-2024:1969-1

Vulnerability from csaf_suse - Published: 2024-06-10 18:04 - Updated: 2024-06-10 18:04

Summary

Security update for go1.21

Severity

Moderate

Notes

Title of the patch: Security update for go1.21

Patchnames: SUSE-2024-1969,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1969,SUSE-SLE-Module-Development-Tools-15-SP6-2024-1969,openSUSE-SLE-15.5-2024-1969,openSUSE-SLE-15.6-2024-1969

CVE-2024-24789

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 48 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24790

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected products

Recommended 48 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

13 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2024…	self
https://bugzilla.suse.com/1212475	self
https://bugzilla.suse.com/1225973	self
https://bugzilla.suse.com/1225974	self
https://www.suse.com/security/cve/CVE-2024-24789/	self
https://www.suse.com/security/cve/CVE-2024-24790/	self
https://www.suse.com/security/cve/CVE-2024-24789	external
https://bugzilla.suse.com/1225973	external
https://www.suse.com/security/cve/CVE-2024-24790	external
https://bugzilla.suse.com/1225974	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.21",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.21 fixes the following issues:\n\ngo1.21.11 release (bsc#1212475).\n\n- CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973).\n- CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (bsc#1225974).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1969,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1969,SUSE-SLE-Module-Development-Tools-15-SP6-2024-1969,openSUSE-SLE-15.5-2024-1969,openSUSE-SLE-15.6-2024-1969",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1969-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1969-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241969-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1969-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035524.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1212475",
        "url": "https://bugzilla.suse.com/1212475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225973",
        "url": "https://bugzilla.suse.com/1225973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225974",
        "url": "https://bugzilla.suse.com/1225974"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24789 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24790 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24790/"
      }
    ],
    "title": "Security update for go1.21",
    "tracking": {
      "current_release_date": "2024-06-10T18:04:52Z",
      "generator": {
        "date": "2024-06-10T18:04:52Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1969-1",
      "initial_release_date": "2024-06-10T18:04:52Z",
      "revision_history": [
        {
          "date": "2024-06-10T18:04:52Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-150000.1.36.1.aarch64",
                "product": {
                  "name": "go1.21-1.21.11-150000.1.36.1.aarch64",
                  "product_id": "go1.21-1.21.11-150000.1.36.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-150000.1.36.1.aarch64",
                "product": {
                  "name": "go1.21-doc-1.21.11-150000.1.36.1.aarch64",
                  "product_id": "go1.21-doc-1.21.11-150000.1.36.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.11-150000.1.36.1.aarch64",
                "product": {
                  "name": "go1.21-race-1.21.11-150000.1.36.1.aarch64",
                  "product_id": "go1.21-race-1.21.11-150000.1.36.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-150000.1.36.1.i586",
                "product": {
                  "name": "go1.21-1.21.11-150000.1.36.1.i586",
                  "product_id": "go1.21-1.21.11-150000.1.36.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-150000.1.36.1.i586",
                "product": {
                  "name": "go1.21-doc-1.21.11-150000.1.36.1.i586",
                  "product_id": "go1.21-doc-1.21.11-150000.1.36.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-150000.1.36.1.ppc64le",
                "product": {
                  "name": "go1.21-1.21.11-150000.1.36.1.ppc64le",
                  "product_id": "go1.21-1.21.11-150000.1.36.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
                "product": {
                  "name": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
                  "product_id": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.11-150000.1.36.1.ppc64le",
                "product": {
                  "name": "go1.21-race-1.21.11-150000.1.36.1.ppc64le",
                  "product_id": "go1.21-race-1.21.11-150000.1.36.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-150000.1.36.1.s390x",
                "product": {
                  "name": "go1.21-1.21.11-150000.1.36.1.s390x",
                  "product_id": "go1.21-1.21.11-150000.1.36.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-150000.1.36.1.s390x",
                "product": {
                  "name": "go1.21-doc-1.21.11-150000.1.36.1.s390x",
                  "product_id": "go1.21-doc-1.21.11-150000.1.36.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.11-150000.1.36.1.s390x",
                "product": {
                  "name": "go1.21-race-1.21.11-150000.1.36.1.s390x",
                  "product_id": "go1.21-race-1.21.11-150000.1.36.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-1.21.11-150000.1.36.1.x86_64",
                "product": {
                  "name": "go1.21-1.21.11-150000.1.36.1.x86_64",
                  "product_id": "go1.21-1.21.11-150000.1.36.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-doc-1.21.11-150000.1.36.1.x86_64",
                "product": {
                  "name": "go1.21-doc-1.21.11-150000.1.36.1.x86_64",
                  "product_id": "go1.21-doc-1.21.11-150000.1.36.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-race-1.21.11-150000.1.36.1.x86_64",
                "product": {
                  "name": "go1.21-race-1.21.11-150000.1.36.1.x86_64",
                  "product_id": "go1.21-race-1.21.11-150000.1.36.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-1.21.11-150000.1.36.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-doc-1.21.11-150000.1.36.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-doc-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-race-1.21.11-150000.1.36.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
        },
        "product_reference": "go1.21-race-1.21.11-150000.1.36.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24789",
          "url": "https://www.suse.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225973 for CVE-2024-24789",
          "url": "https://bugzilla.suse.com/1225973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-10T18:04:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24789"
    },
    {
      "cve": "CVE-2024-24790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x",
          "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24790",
          "url": "https://www.suse.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225974 for CVE-2024-24790",
          "url": "https://bugzilla.suse.com/1225974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.5:go1.21-race-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-doc-1.21.11-150000.1.36.1.x86_64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.aarch64",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.s390x",
            "openSUSE Leap 15.6:go1.21-race-1.21.11-150000.1.36.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-10T18:04:52Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24790"
    }
  ]
}

SUSE-SU-2024:1970-1

Vulnerability from csaf_suse - Published: 2024-06-10 18:05 - Updated: 2024-06-10 18:05

Summary

Security update for go1.22

Severity

Moderate

Notes

Title of the patch: Security update for go1.22

Patchnames: SUSE-2024-1970,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1970,SUSE-SLE-Module-Development-Tools-15-SP6-2024-1970,openSUSE-SLE-15.5-2024-1970,openSUSE-SLE-15.6-2024-1970

CVE-2024-24789

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 48 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24790

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected products

Recommended 48 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

13 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1218424	self
https://bugzilla.suse.com/1225973	self
https://bugzilla.suse.com/1225974	self
https://www.suse.com/security/cve/CVE-2024-24789/	self
https://www.suse.com/security/cve/CVE-2024-24790/	self
https://www.suse.com/security/cve/CVE-2024-24789	external
https://bugzilla.suse.com/1225973	external
https://www.suse.com/security/cve/CVE-2024-24790	external
https://bugzilla.suse.com/1225974	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.22",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.22 fixes the following issues:\n\ngo1.21.11 release (bsc#1212475).\n\n- CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973).\n- CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (bsc#1225974).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-1970,SUSE-SLE-Module-Development-Tools-15-SP5-2024-1970,SUSE-SLE-Module-Development-Tools-15-SP6-2024-1970,openSUSE-SLE-15.5-2024-1970,openSUSE-SLE-15.6-2024-1970",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_1970-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:1970-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20241970-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:1970-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-June/018674.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1218424",
        "url": "https://bugzilla.suse.com/1218424"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225973",
        "url": "https://bugzilla.suse.com/1225973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225974",
        "url": "https://bugzilla.suse.com/1225974"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24789 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24790 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24790/"
      }
    ],
    "title": "Security update for go1.22",
    "tracking": {
      "current_release_date": "2024-06-10T18:05:07Z",
      "generator": {
        "date": "2024-06-10T18:05:07Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:1970-1",
      "initial_release_date": "2024-06-10T18:05:07Z",
      "revision_history": [
        {
          "date": "2024-06-10T18:05:07Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-150000.1.18.1.aarch64",
                "product": {
                  "name": "go1.22-1.22.4-150000.1.18.1.aarch64",
                  "product_id": "go1.22-1.22.4-150000.1.18.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-150000.1.18.1.aarch64",
                "product": {
                  "name": "go1.22-doc-1.22.4-150000.1.18.1.aarch64",
                  "product_id": "go1.22-doc-1.22.4-150000.1.18.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-race-1.22.4-150000.1.18.1.aarch64",
                "product": {
                  "name": "go1.22-race-1.22.4-150000.1.18.1.aarch64",
                  "product_id": "go1.22-race-1.22.4-150000.1.18.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-150000.1.18.1.i586",
                "product": {
                  "name": "go1.22-1.22.4-150000.1.18.1.i586",
                  "product_id": "go1.22-1.22.4-150000.1.18.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-150000.1.18.1.i586",
                "product": {
                  "name": "go1.22-doc-1.22.4-150000.1.18.1.i586",
                  "product_id": "go1.22-doc-1.22.4-150000.1.18.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-150000.1.18.1.ppc64le",
                "product": {
                  "name": "go1.22-1.22.4-150000.1.18.1.ppc64le",
                  "product_id": "go1.22-1.22.4-150000.1.18.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
                "product": {
                  "name": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
                  "product_id": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-race-1.22.4-150000.1.18.1.ppc64le",
                "product": {
                  "name": "go1.22-race-1.22.4-150000.1.18.1.ppc64le",
                  "product_id": "go1.22-race-1.22.4-150000.1.18.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-150000.1.18.1.s390x",
                "product": {
                  "name": "go1.22-1.22.4-150000.1.18.1.s390x",
                  "product_id": "go1.22-1.22.4-150000.1.18.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-150000.1.18.1.s390x",
                "product": {
                  "name": "go1.22-doc-1.22.4-150000.1.18.1.s390x",
                  "product_id": "go1.22-doc-1.22.4-150000.1.18.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-race-1.22.4-150000.1.18.1.s390x",
                "product": {
                  "name": "go1.22-race-1.22.4-150000.1.18.1.s390x",
                  "product_id": "go1.22-race-1.22.4-150000.1.18.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.22-1.22.4-150000.1.18.1.x86_64",
                "product": {
                  "name": "go1.22-1.22.4-150000.1.18.1.x86_64",
                  "product_id": "go1.22-1.22.4-150000.1.18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-doc-1.22.4-150000.1.18.1.x86_64",
                "product": {
                  "name": "go1.22-doc-1.22.4-150000.1.18.1.x86_64",
                  "product_id": "go1.22-doc-1.22.4-150000.1.18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.22-race-1.22.4-150000.1.18.1.x86_64",
                "product": {
                  "name": "go1.22-race-1.22.4-150000.1.18.1.x86_64",
                  "product_id": "go1.22-race-1.22.4-150000.1.18.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-1.22.4-150000.1.18.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-doc-1.22.4-150000.1.18.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-doc-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.22-race-1.22.4-150000.1.18.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
        },
        "product_reference": "go1.22-race-1.22.4-150000.1.18.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24789",
          "url": "https://www.suse.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225973 for CVE-2024-24789",
          "url": "https://bugzilla.suse.com/1225973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-10T18:05:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24789"
    },
    {
      "cve": "CVE-2024-24790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x",
          "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24790",
          "url": "https://www.suse.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225974 for CVE-2024-24790",
          "url": "https://bugzilla.suse.com/1225974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.5:go1.22-race-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-doc-1.22.4-150000.1.18.1.x86_64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.aarch64",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.ppc64le",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.s390x",
            "openSUSE Leap 15.6:go1.22-race-1.22.4-150000.1.18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-10T18:05:07Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24790"
    }
  ]
}

SUSE-SU-2024:3089-1

Vulnerability from csaf_suse - Published: 2024-09-03 13:52 - Updated: 2024-09-03 13:52

Summary

Security update for go1.21-openssl

Severity

Important

Notes

Title of the patch: Security update for go1.21-openssl

Description of the patch: This update for go1.21-openssl fixes the following issues: - CVE-2024-24791: Fixed denial of service due to improper 100-continue handling (bsc#1227314) - CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973) - CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip (bsc#1225974) - CVE-2024-24787: Fixed arbitrary code execution during build on darwin in cmd/go (bsc#1224017) - CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in net/http and x/net/http2 (bsc#1221400) - CVE-2023-45289: Fixed incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http and net/http/cookiejar (bsc#1221000) - CVE-2023-45290: Fixed memory exhaustion in Request.ParseMultipartForm in net/http (bsc#1221001) - CVE-2024-24783: Fixed denial of service on certificates with an unknown public key algorithm in crypto/x509 (bsc#1220999) - CVE-2024-24784: Fixed comments in display names are incorrectly handled in net/mail (bsc#1221002) - CVE-2024-24785: Fixed errors returned from MarshalJSON methods may break template escaping in html/template (bsc#1221003) Other fixes: - Update to version 1.21.13.1 cut from the go1.21-fips-release (jsc#SLE-18320) - Update to version 1.21.13 (bsc#1212475) - Remove subpackage go1.x-openssl-libstd for compiled shared object libstd.so. (jsc#PED-1962) - Ensure VERSION file is present in GOROOT as required by go tool dist and go tool distpack (bsc#1219988)

Patchnames: SUSE-2024-3089,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3089,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3089,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3089,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3089,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3089,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3089,openSUSE-SLE-15.5-2024-3089

CVE-2023-45288

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2023-45289

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2023-45290

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24783

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24784

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24785

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24787

6.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24789

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24790

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24791

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 54 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

46 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2024…	self
https://bugzilla.suse.com/1212475	self
https://bugzilla.suse.com/1219988	self
https://bugzilla.suse.com/1220999	self
https://bugzilla.suse.com/1221000	self
https://bugzilla.suse.com/1221001	self
https://bugzilla.suse.com/1221002	self
https://bugzilla.suse.com/1221003	self
https://bugzilla.suse.com/1221400	self
https://bugzilla.suse.com/1224017	self
https://bugzilla.suse.com/1225973	self
https://bugzilla.suse.com/1225974	self
https://bugzilla.suse.com/1227314	self
https://www.suse.com/security/cve/CVE-2023-45288/	self
https://www.suse.com/security/cve/CVE-2023-45289/	self
https://www.suse.com/security/cve/CVE-2023-45290/	self
https://www.suse.com/security/cve/CVE-2024-24783/	self
https://www.suse.com/security/cve/CVE-2024-24784/	self
https://www.suse.com/security/cve/CVE-2024-24785/	self
https://www.suse.com/security/cve/CVE-2024-24787/	self
https://www.suse.com/security/cve/CVE-2024-24789/	self
https://www.suse.com/security/cve/CVE-2024-24790/	self
https://www.suse.com/security/cve/CVE-2024-24791/	self
https://www.suse.com/security/cve/CVE-2023-45288	external
https://bugzilla.suse.com/1221400	external
https://www.suse.com/security/cve/CVE-2023-45289	external
https://bugzilla.suse.com/1221000	external
https://www.suse.com/security/cve/CVE-2023-45290	external
https://bugzilla.suse.com/1221001	external
https://www.suse.com/security/cve/CVE-2024-24783	external
https://bugzilla.suse.com/1220999	external
https://www.suse.com/security/cve/CVE-2024-24784	external
https://bugzilla.suse.com/1221002	external
https://www.suse.com/security/cve/CVE-2024-24785	external
https://bugzilla.suse.com/1221003	external
https://www.suse.com/security/cve/CVE-2024-24787	external
https://bugzilla.suse.com/1224017	external
https://www.suse.com/security/cve/CVE-2024-24789	external
https://bugzilla.suse.com/1225973	external
https://www.suse.com/security/cve/CVE-2024-24790	external
https://bugzilla.suse.com/1225974	external
https://www.suse.com/security/cve/CVE-2024-24791	external
https://bugzilla.suse.com/1227314	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.21-openssl",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.21-openssl fixes the following issues:\n  \n- CVE-2024-24791: Fixed denial of service due to improper 100-continue handling (bsc#1227314)\n- CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973)\n- CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip (bsc#1225974)\n- CVE-2024-24787: Fixed arbitrary code execution during build on darwin in cmd/go (bsc#1224017)\n- CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in net/http and x/net/http2 (bsc#1221400)\n- CVE-2023-45289: Fixed incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http and net/http/cookiejar (bsc#1221000) \n- CVE-2023-45290: Fixed memory exhaustion in Request.ParseMultipartForm in net/http (bsc#1221001)\n- CVE-2024-24783: Fixed denial of service on certificates with an unknown public key algorithm in crypto/x509 (bsc#1220999)\n- CVE-2024-24784: Fixed comments in display names are incorrectly handled in net/mail (bsc#1221002)\n- CVE-2024-24785: Fixed errors returned from MarshalJSON methods may break template escaping in html/template (bsc#1221003)\n\nOther fixes:\n- Update to version 1.21.13.1 cut from the go1.21-fips-release (jsc#SLE-18320)\n- Update to version 1.21.13 (bsc#1212475)\n- Remove subpackage go1.x-openssl-libstd for compiled shared object libstd.so. (jsc#PED-1962)\n- Ensure VERSION file is present in GOROOT as required by go tool dist and go tool distpack (bsc#1219988)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-3089,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3089,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3089,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3089,SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3089,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3089,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3089,openSUSE-SLE-15.5-2024-3089",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3089-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:3089-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243089-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:3089-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2024-September/036783.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1212475",
        "url": "https://bugzilla.suse.com/1212475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219988",
        "url": "https://bugzilla.suse.com/1219988"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1220999",
        "url": "https://bugzilla.suse.com/1220999"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221000",
        "url": "https://bugzilla.suse.com/1221000"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221001",
        "url": "https://bugzilla.suse.com/1221001"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221002",
        "url": "https://bugzilla.suse.com/1221002"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221003",
        "url": "https://bugzilla.suse.com/1221003"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221400",
        "url": "https://bugzilla.suse.com/1221400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1224017",
        "url": "https://bugzilla.suse.com/1224017"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225973",
        "url": "https://bugzilla.suse.com/1225973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225974",
        "url": "https://bugzilla.suse.com/1225974"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227314",
        "url": "https://bugzilla.suse.com/1227314"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-45288 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-45288/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-45289 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-45289/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-45290 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-45290/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24783 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24783/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24784 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24785 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24785/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24787 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24787/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24789 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24790 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24790/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24791 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24791/"
      }
    ],
    "title": "Security update for go1.21-openssl",
    "tracking": {
      "current_release_date": "2024-09-03T13:52:11Z",
      "generator": {
        "date": "2024-09-03T13:52:11Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:3089-1",
      "initial_release_date": "2024-09-03T13:52:11Z",
      "revision_history": [
        {
          "date": "2024-09-03T13:52:11Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
                  "product_id": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.i586",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.i586",
                  "product_id": "go1.21-openssl-1.21.13.1-150000.1.11.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.i586",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.i586",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
                  "product_id": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
                  "product_id": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
                  "product_id": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45288",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-45288"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-45288",
          "url": "https://www.suse.com/security/cve/CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221400 for CVE-2023-45288",
          "url": "https://bugzilla.suse.com/1221400"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-45288"
    },
    {
      "cve": "CVE-2023-45289",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-45289"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-45289",
          "url": "https://www.suse.com/security/cve/CVE-2023-45289"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221000 for CVE-2023-45289",
          "url": "https://bugzilla.suse.com/1221000"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-45289"
    },
    {
      "cve": "CVE-2023-45290",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-45290"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-45290",
          "url": "https://www.suse.com/security/cve/CVE-2023-45290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221001 for CVE-2023-45290",
          "url": "https://bugzilla.suse.com/1221001"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-45290"
    },
    {
      "cve": "CVE-2024-24783",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24783"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24783",
          "url": "https://www.suse.com/security/cve/CVE-2024-24783"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220999 for CVE-2024-24783",
          "url": "https://bugzilla.suse.com/1220999"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24783"
    },
    {
      "cve": "CVE-2024-24784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24784",
          "url": "https://www.suse.com/security/cve/CVE-2024-24784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221002 for CVE-2024-24784",
          "url": "https://bugzilla.suse.com/1221002"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24784"
    },
    {
      "cve": "CVE-2024-24785",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24785"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24785",
          "url": "https://www.suse.com/security/cve/CVE-2024-24785"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221003 for CVE-2024-24785",
          "url": "https://bugzilla.suse.com/1221003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24785"
    },
    {
      "cve": "CVE-2024-24787",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24787"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24787",
          "url": "https://www.suse.com/security/cve/CVE-2024-24787"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224017 for CVE-2024-24787",
          "url": "https://bugzilla.suse.com/1224017"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24787"
    },
    {
      "cve": "CVE-2024-24789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24789",
          "url": "https://www.suse.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225973 for CVE-2024-24789",
          "url": "https://bugzilla.suse.com/1225973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24789"
    },
    {
      "cve": "CVE-2024-24790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24790",
          "url": "https://www.suse.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225974 for CVE-2024-24790",
          "url": "https://bugzilla.suse.com/1225974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24790"
    },
    {
      "cve": "CVE-2024-24791",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24791"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
          "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24791",
          "url": "https://www.suse.com/security/cve/CVE-2024-24791"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227314 for CVE-2024-24791",
          "url": "https://bugzilla.suse.com/1227314"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.1-150000.1.11.1.x86_64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.aarch64",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.ppc64le",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.s390x",
            "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.1-150000.1.11.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-03T13:52:11Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24791"
    }
  ]
}

SUSE-SU-2024:3360-1

Vulnerability from csaf_suse - Published: 2024-09-22 21:50 - Updated: 2024-09-22 21:50

Summary

Security update for container-suseconnect

Severity

Important

Notes

Title of the patch: Security update for container-suseconnect

Description of the patch: This update for container-suseconnect rebuilds it against current go1.21.13.1. Security issues fixed: CVE-2024-24789, CVE-2024-24790, CVE-2024-24791

Patchnames: SUSE-2024-3360,SUSE-SLE-Module-Containers-15-SP5-2024-3360,SUSE-SLE-Module-Containers-15-SP6-2024-3360,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3360,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3360,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3360,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3360,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3360,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3360,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3360,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3360,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3360,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3360,SUSE-Storage-7.1-2024-3360

CVE-2024-24789

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24790

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24791

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 36 products

Product	Version	Remediation
Unresolved product id: SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

16 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1225973	self
https://bugzilla.suse.com/1225974	self
https://bugzilla.suse.com/1227314	self
https://www.suse.com/security/cve/CVE-2024-24789/	self
https://www.suse.com/security/cve/CVE-2024-24790/	self
https://www.suse.com/security/cve/CVE-2024-24791/	self
https://www.suse.com/security/cve/CVE-2024-24789	external
https://bugzilla.suse.com/1225973	external
https://www.suse.com/security/cve/CVE-2024-24790	external
https://bugzilla.suse.com/1225974	external
https://www.suse.com/security/cve/CVE-2024-24791	external
https://bugzilla.suse.com/1227314	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for container-suseconnect",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for container-suseconnect rebuilds it against current go1.21.13.1.\n\nSecurity issues fixed: CVE-2024-24789, CVE-2024-24790, CVE-2024-24791\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-3360,SUSE-SLE-Module-Containers-15-SP5-2024-3360,SUSE-SLE-Module-Containers-15-SP6-2024-3360,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3360,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3360,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3360,SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3360,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3360,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3360,SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3360,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3360,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3360,SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3360,SUSE-Storage-7.1-2024-3360",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3360-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:3360-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243360-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:3360-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019493.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225973",
        "url": "https://bugzilla.suse.com/1225973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225974",
        "url": "https://bugzilla.suse.com/1225974"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227314",
        "url": "https://bugzilla.suse.com/1227314"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24789 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24790 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24790/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24791 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24791/"
      }
    ],
    "title": "Security update for container-suseconnect",
    "tracking": {
      "current_release_date": "2024-09-22T21:50:44Z",
      "generator": {
        "date": "2024-09-22T21:50:44Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:3360-1",
      "initial_release_date": "2024-09-22T21:50:44Z",
      "revision_history": [
        {
          "date": "2024-09-22T21:50:44Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
                "product": {
                  "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
                  "product_id": "container-suseconnect-2.5.0-150000.4.55.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-suseconnect-2.5.0-150000.4.55.1.i586",
                "product": {
                  "name": "container-suseconnect-2.5.0-150000.4.55.1.i586",
                  "product_id": "container-suseconnect-2.5.0-150000.4.55.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
                "product": {
                  "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
                  "product_id": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-suseconnect-2.5.0-150000.4.55.1.s390x",
                "product": {
                  "name": "container-suseconnect-2.5.0-150000.4.55.1.s390x",
                  "product_id": "container-suseconnect-2.5.0-150000.4.55.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
                "product": {
                  "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
                  "product_id": "container-suseconnect-2.5.0-150000.4.55.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Containers 15 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Containers 15 SP5",
                  "product_id": "SUSE Linux Enterprise Module for Containers 15 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-containers:15:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Containers 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Containers 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Containers 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-containers:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp2"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp4"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 7.1",
                "product": {
                  "name": "SUSE Enterprise Storage 7.1",
                  "product_id": "SUSE Enterprise Storage 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:7.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP5",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "container-suseconnect-2.5.0-150000.4.55.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        },
        "product_reference": "container-suseconnect-2.5.0-150000.4.55.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-24789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24789",
          "url": "https://www.suse.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225973 for CVE-2024-24789",
          "url": "https://bugzilla.suse.com/1225973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-22T21:50:44Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24789"
    },
    {
      "cve": "CVE-2024-24790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24790",
          "url": "https://www.suse.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225974 for CVE-2024-24790",
          "url": "https://bugzilla.suse.com/1225974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-22T21:50:44Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24790"
    },
    {
      "cve": "CVE-2024-24791",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24791"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
          "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24791",
          "url": "https://www.suse.com/security/cve/CVE-2024-24791"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227314 for CVE-2024-24791",
          "url": "https://bugzilla.suse.com/1227314"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Enterprise Storage 7.1:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP5:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Module for Containers 15 SP6:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP2-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.s390x",
            "SUSE Linux Enterprise Server 15 SP4-LTSS:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP2:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:container-suseconnect-2.5.0-150000.4.55.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP4:container-suseconnect-2.5.0-150000.4.55.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-09-22T21:50:44Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24791"
    }
  ]
}

SUSE-SU-2024:3755-1

Vulnerability from csaf_suse - Published: 2024-10-24 07:54 - Updated: 2024-10-24 07:54

Summary

Security update for go1.21-openssl

Severity

Important

Notes

Title of the patch: Security update for go1.21-openssl

Patchnames: SUSE-2024-3755,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3755,openSUSE-SLE-15.6-2024-3755

CVE-2023-45288

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2023-45289

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2023-45290

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24783

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24784

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24785

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-24787

6.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24789

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24790

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-24791

6.5 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x	—	Vendor Fix
Unresolved product id: openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

46 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1212475	self
https://bugzilla.suse.com/1219988	self
https://bugzilla.suse.com/1220999	self
https://bugzilla.suse.com/1221000	self
https://bugzilla.suse.com/1221001	self
https://bugzilla.suse.com/1221002	self
https://bugzilla.suse.com/1221003	self
https://bugzilla.suse.com/1221400	self
https://bugzilla.suse.com/1224017	self
https://bugzilla.suse.com/1225973	self
https://bugzilla.suse.com/1225974	self
https://bugzilla.suse.com/1227314	self
https://www.suse.com/security/cve/CVE-2023-45288/	self
https://www.suse.com/security/cve/CVE-2023-45289/	self
https://www.suse.com/security/cve/CVE-2023-45290/	self
https://www.suse.com/security/cve/CVE-2024-24783/	self
https://www.suse.com/security/cve/CVE-2024-24784/	self
https://www.suse.com/security/cve/CVE-2024-24785/	self
https://www.suse.com/security/cve/CVE-2024-24787/	self
https://www.suse.com/security/cve/CVE-2024-24789/	self
https://www.suse.com/security/cve/CVE-2024-24790/	self
https://www.suse.com/security/cve/CVE-2024-24791/	self
https://www.suse.com/security/cve/CVE-2023-45288	external
https://bugzilla.suse.com/1221400	external
https://www.suse.com/security/cve/CVE-2023-45289	external
https://bugzilla.suse.com/1221000	external
https://www.suse.com/security/cve/CVE-2023-45290	external
https://bugzilla.suse.com/1221001	external
https://www.suse.com/security/cve/CVE-2024-24783	external
https://bugzilla.suse.com/1220999	external
https://www.suse.com/security/cve/CVE-2024-24784	external
https://bugzilla.suse.com/1221002	external
https://www.suse.com/security/cve/CVE-2024-24785	external
https://bugzilla.suse.com/1221003	external
https://www.suse.com/security/cve/CVE-2024-24787	external
https://bugzilla.suse.com/1224017	external
https://www.suse.com/security/cve/CVE-2024-24789	external
https://bugzilla.suse.com/1225973	external
https://www.suse.com/security/cve/CVE-2024-24790	external
https://bugzilla.suse.com/1225974	external
https://www.suse.com/security/cve/CVE-2024-24791	external
https://bugzilla.suse.com/1227314	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for go1.21-openssl",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for go1.21-openssl fixes the following issues:\n  \n- CVE-2024-24791: Fixed denial of service due to improper 100-continue handling (bsc#1227314)\n- CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973)\n- CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip (bsc#1225974)\n- CVE-2024-24787: Fixed arbitrary code execution during build on darwin in cmd/go (bsc#1224017)\n- CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in net/http and x/net/http2 (bsc#1221400)\n- CVE-2023-45289: Fixed incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http and net/http/cookiejar (bsc#1221000) \n- CVE-2023-45290: Fixed memory exhaustion in Request.ParseMultipartForm in net/http (bsc#1221001)\n- CVE-2024-24783: Fixed denial of service on certificates with an unknown public key algorithm in crypto/x509 (bsc#1220999)\n- CVE-2024-24784: Fixed comments in display names are incorrectly handled in net/mail (bsc#1221002)\n- CVE-2024-24785: Fixed errors returned from MarshalJSON methods may break template escaping in html/template (bsc#1221003)\n\nOther fixes:\n- Update to version 1.21.13.1 cut from the go1.21-fips-release (jsc#SLE-18320)\n- Update to version 1.21.13 (bsc#1212475)\n- Remove subpackage go1.x-openssl-libstd for compiled shared object libstd.so. (jsc#PED-1962)\n- Ensure VERSION file is present in GOROOT as required by go tool dist and go tool distpack (bsc#1219988)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2024-3755,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3755,openSUSE-SLE-15.6-2024-3755",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3755-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2024:3755-1",
        "url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243755-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2024:3755-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019672.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1212475",
        "url": "https://bugzilla.suse.com/1212475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1219988",
        "url": "https://bugzilla.suse.com/1219988"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1220999",
        "url": "https://bugzilla.suse.com/1220999"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221000",
        "url": "https://bugzilla.suse.com/1221000"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221001",
        "url": "https://bugzilla.suse.com/1221001"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221002",
        "url": "https://bugzilla.suse.com/1221002"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221003",
        "url": "https://bugzilla.suse.com/1221003"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1221400",
        "url": "https://bugzilla.suse.com/1221400"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1224017",
        "url": "https://bugzilla.suse.com/1224017"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225973",
        "url": "https://bugzilla.suse.com/1225973"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1225974",
        "url": "https://bugzilla.suse.com/1225974"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227314",
        "url": "https://bugzilla.suse.com/1227314"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-45288 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-45288/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-45289 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-45289/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-45290 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-45290/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24783 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24783/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24784 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24784/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24785 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24785/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24787 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24787/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24789 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24789/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24790 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24790/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-24791 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-24791/"
      }
    ],
    "title": "Security update for go1.21-openssl",
    "tracking": {
      "current_release_date": "2024-10-24T07:54:03Z",
      "generator": {
        "date": "2024-10-24T07:54:03Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2024:3755-1",
      "initial_release_date": "2024-10-24T07:54:03Z",
      "revision_history": [
        {
          "date": "2024-10-24T07:54:03Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
                  "product_id": "go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.i586",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.i586",
                  "product_id": "go1.21-openssl-1.21.13.1-150600.16.3.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.i586",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.i586",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
                  "product_id": "go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
                  "product_id": "go1.21-openssl-1.21.13.1-150600.16.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
                "product": {
                  "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
                  "product_id": "go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
                "product": {
                  "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
                  "product_id": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
                "product": {
                  "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
                  "product_id": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.6",
                "product": {
                  "name": "openSUSE Leap 15.6",
                  "product_id": "openSUSE Leap 15.6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
          "product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64"
        },
        "product_reference": "go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64"
        },
        "product_reference": "go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64 as component of openSUSE Leap 15.6",
          "product_id": "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        },
        "product_reference": "go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-45288",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-45288"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-45288",
          "url": "https://www.suse.com/security/cve/CVE-2023-45288"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221400 for CVE-2023-45288",
          "url": "https://bugzilla.suse.com/1221400"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-45288"
    },
    {
      "cve": "CVE-2023-45289",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-45289"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-45289",
          "url": "https://www.suse.com/security/cve/CVE-2023-45289"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221000 for CVE-2023-45289",
          "url": "https://bugzilla.suse.com/1221000"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-45289"
    },
    {
      "cve": "CVE-2023-45290",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-45290"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-45290",
          "url": "https://www.suse.com/security/cve/CVE-2023-45290"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221001 for CVE-2023-45290",
          "url": "https://bugzilla.suse.com/1221001"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-45290"
    },
    {
      "cve": "CVE-2024-24783",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24783"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24783",
          "url": "https://www.suse.com/security/cve/CVE-2024-24783"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1220999 for CVE-2024-24783",
          "url": "https://bugzilla.suse.com/1220999"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24783"
    },
    {
      "cve": "CVE-2024-24784",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24784"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24784",
          "url": "https://www.suse.com/security/cve/CVE-2024-24784"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221002 for CVE-2024-24784",
          "url": "https://bugzilla.suse.com/1221002"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24784"
    },
    {
      "cve": "CVE-2024-24785",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24785"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24785",
          "url": "https://www.suse.com/security/cve/CVE-2024-24785"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1221003 for CVE-2024-24785",
          "url": "https://bugzilla.suse.com/1221003"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-24785"
    },
    {
      "cve": "CVE-2024-24787",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24787"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24787",
          "url": "https://www.suse.com/security/cve/CVE-2024-24787"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1224017 for CVE-2024-24787",
          "url": "https://bugzilla.suse.com/1224017"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24787"
    },
    {
      "cve": "CVE-2024-24789",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24789"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24789",
          "url": "https://www.suse.com/security/cve/CVE-2024-24789"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225973 for CVE-2024-24789",
          "url": "https://bugzilla.suse.com/1225973"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24789"
    },
    {
      "cve": "CVE-2024-24790",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24790"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24790",
          "url": "https://www.suse.com/security/cve/CVE-2024-24790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1225974 for CVE-2024-24790",
          "url": "https://bugzilla.suse.com/1225974"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24790"
    },
    {
      "cve": "CVE-2024-24791",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-24791"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
          "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-24791",
          "url": "https://www.suse.com/security/cve/CVE-2024-24791"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227314 for CVE-2024-24791",
          "url": "https://bugzilla.suse.com/1227314"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-doc-1.21.13.1-150600.16.3.1.x86_64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.aarch64",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.ppc64le",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.s390x",
            "openSUSE Leap 15.6:go1.21-openssl-race-1.21.13.1-150600.16.3.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-10-24T07:54:03Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-24791"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-24789 (GCVE-0-2024-24789)

Tags

Sightings

Nomenclature