Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-34156 (GCVE-0-2024-34156)
Vulnerability from cvelistv5 – Published: 2024-09-06 20:42 – Updated: 2024-09-26 15:03- CWE-674 - Uncontrolled Recursion
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | encoding/gob |
Affected:
0 , < 1.22.7
(semver)
Affected: 1.23.0-0 , < 1.23.1 (semver) |
|
| go_standard_library | encoding\/gob |
Affected:
0 , < 1.22.7
(semver)
Affected: 1.23.0-0 , < 1.23.1 (semver) cpe:2.3:a:go_standard_library:encoding\/gob:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:go_standard_library:encoding\\/gob:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "encoding\\/gob",
"vendor": "go_standard_library",
"versions": [
{
"lessThan": "1.22.7",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.1",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34156",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T14:04:16.338747Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T14:29:46.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-09-26T15:03:08.203Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20240926-0004/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "encoding/gob",
"product": "encoding/gob",
"programRoutines": [
{
"name": "Decoder.decIgnoreOpFor"
},
{
"name": "Decoder.Decode"
},
{
"name": "Decoder.DecodeValue"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.22.7",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.1",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu)"
}
],
"descriptions": [
{
"lang": "en",
"value": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-674: Uncontrolled Recursion",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T20:42:42.661Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/611239"
},
{
"url": "https://go.dev/issue/69139"
},
{
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"title": "Stack exhaustion in Decoder.Decode in encoding/gob"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2024-34156",
"datePublished": "2024-09-06T20:42:42.661Z",
"dateReserved": "2024-05-01T18:45:34.846Z",
"dateUpdated": "2024-09-26T15:03:08.203Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-34156",
"date": "2026-07-01",
"epss": "0.01127",
"percentile": "0.62348"
},
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.\"}, {\"lang\": \"es\", \"value\": \"Llamar a Decoder.Decode en un mensaje que contiene estructuras profundamente anidadas puede provocar un p\\u00e1nico debido al agotamiento de la pila. Esta es una continuaci\\u00f3n de CVE-2022-30635.\"}]",
"id": "CVE-2024-34156",
"lastModified": "2024-11-21T09:18:12.853",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}]}",
"published": "2024-09-06T21:15:12.020",
"references": "[{\"url\": \"https://go.dev/cl/611239\", \"source\": \"security@golang.org\"}, {\"url\": \"https://go.dev/issue/69139\", \"source\": \"security@golang.org\"}, {\"url\": \"https://groups.google.com/g/golang-dev/c/S9POB9NCTdk\", \"source\": \"security@golang.org\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-3106\", \"source\": \"security@golang.org\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20240926-0004/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@golang.org",
"vulnStatus": "Awaiting Analysis"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-34156\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2024-09-06T21:15:12.020\",\"lastModified\":\"2026-06-17T07:33:00.720\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.\"},{\"lang\":\"es\",\"value\":\"Llamar a Decoder.Decode en un mensaje que contiene estructuras profundamente anidadas puede provocar un p\u00e1nico debido al agotamiento de la pila. Esta es una continuaci\u00f3n de CVE-2022-30635.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"encoding/gob\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"encoding/gob\",\"programRoutines\":[{\"name\":\"Decoder.decIgnoreOpFor\"},{\"name\":\"Decoder.Decode\"},{\"name\":\"Decoder.DecodeValue\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.22.7\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.23.0-0\",\"lessThan\":\"1.23.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"affectedData\":[{\"vendor\":\"go_standard_library\",\"product\":\"encoding\\\\/gob\",\"defaultStatus\":\"unknown\",\"cpes\":[\"cpe:2.3:a:go_standard_library:encoding\\\\/gob:*:*:*:*:*:*:*:*\"],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.22.7\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.23.0-0\",\"lessThan\":\"1.23.1\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2024-09-09T14:04:16.338747Z\",\"id\":\"CVE-2024-34156\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"references\":[{\"url\":\"https://go.dev/cl/611239\",\"source\":\"security@golang.org\"},{\"url\":\"https://go.dev/issue/69139\",\"source\":\"security@golang.org\"},{\"url\":\"https://groups.google.com/g/golang-dev/c/S9POB9NCTdk\",\"source\":\"security@golang.org\"},{\"url\":\"https://pkg.go.dev/vuln/GO-2024-3106\",\"source\":\"security@golang.org\"},{\"url\":\"https://security.netapp.com/advisory/ntap-20240926-0004/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://security.netapp.com/advisory/ntap-20240926-0004/\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-09-26T15:03:08.203Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-34156\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-09T14:04:16.338747Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:go_standard_library:encoding\\\\/gob:*:*:*:*:*:*:*:*\"], \"vendor\": \"go_standard_library\", \"product\": \"encoding\\\\/gob\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.22.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.23.0-0\", \"lessThan\": \"1.23.1\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-09T14:06:46.233Z\"}}], \"cna\": {\"title\": \"Stack exhaustion in Decoder.Decode in encoding/gob\", \"credits\": [{\"lang\": \"en\", \"value\": \"Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu)\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"encoding/gob\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.22.7\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.23.0-0\", \"lessThan\": \"1.23.1\", \"versionType\": \"semver\"}], \"packageName\": \"encoding/gob\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"Decoder.decIgnoreOpFor\"}, {\"name\": \"Decoder.Decode\"}, {\"name\": \"Decoder.DecodeValue\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/611239\"}, {\"url\": \"https://go.dev/issue/69139\"}, {\"url\": \"https://groups.google.com/g/golang-dev/c/S9POB9NCTdk\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2024-3106\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-674: Uncontrolled Recursion\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2024-09-06T20:42:42.661Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-34156\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-26T15:03:08.203Z\", \"dateReserved\": \"2024-05-01T18:45:34.846Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2024-09-06T20:42:42.661Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2024_9473
Vulnerability from csaf_redhat - Published: 2024-11-12 10:24 - Updated: 2024-12-17 18:56A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for grafana is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB \u0026 OpenTSDB. \n\nSecurity Fix(es):\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* dompurify: nesting-based mutation XSS vulnerability (CVE-2024-47875)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9473",
"url": "https://access.redhat.com/errata/RHSA-2024:9473"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2318052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318052"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9473.json"
}
],
"title": "Red Hat Security Advisory: grafana security update",
"tracking": {
"current_release_date": "2024-12-17T18:56:54+00:00",
"generator": {
"date": "2024-12-17T18:56:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:9473",
"initial_release_date": "2024-11-12T10:24:58+00:00",
"revision_history": [
{
"date": "2024-11-12T10:24:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-12T10:24:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T18:56:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-7.el9_5.src",
"product": {
"name": "grafana-0:10.2.6-7.el9_5.src",
"product_id": "grafana-0:10.2.6-7.el9_5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-7.el9_5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-7.el9_5.aarch64",
"product": {
"name": "grafana-0:10.2.6-7.el9_5.aarch64",
"product_id": "grafana-0:10.2.6-7.el9_5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-7.el9_5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"product": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"product_id": "grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-7.el9_5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"product": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"product_id": "grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-7.el9_5?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"product_id": "grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-7.el9_5?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-7.el9_5.ppc64le",
"product": {
"name": "grafana-0:10.2.6-7.el9_5.ppc64le",
"product_id": "grafana-0:10.2.6-7.el9_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-7.el9_5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"product": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"product_id": "grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-7.el9_5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"product": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"product_id": "grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-7.el9_5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"product": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"product_id": "grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-7.el9_5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-7.el9_5.x86_64",
"product": {
"name": "grafana-0:10.2.6-7.el9_5.x86_64",
"product_id": "grafana-0:10.2.6-7.el9_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-7.el9_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-7.el9_5.x86_64",
"product": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.x86_64",
"product_id": "grafana-selinux-0:10.2.6-7.el9_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-7.el9_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"product": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"product_id": "grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-7.el9_5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"product": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"product_id": "grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-7.el9_5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "grafana-0:10.2.6-7.el9_5.s390x",
"product": {
"name": "grafana-0:10.2.6-7.el9_5.s390x",
"product_id": "grafana-0:10.2.6-7.el9_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana@10.2.6-7.el9_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-selinux-0:10.2.6-7.el9_5.s390x",
"product": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.s390x",
"product_id": "grafana-selinux-0:10.2.6-7.el9_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-selinux@10.2.6-7.el9_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"product": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"product_id": "grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debugsource@10.2.6-7.el9_5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"product": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"product_id": "grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/grafana-debuginfo@10.2.6-7.el9_5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-7.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64"
},
"product_reference": "grafana-0:10.2.6-7.el9_5.aarch64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-7.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le"
},
"product_reference": "grafana-0:10.2.6-7.el9_5.ppc64le",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-7.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x"
},
"product_reference": "grafana-0:10.2.6-7.el9_5.s390x",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-7.el9_5.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src"
},
"product_reference": "grafana-0:10.2.6-7.el9_5.src",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-0:10.2.6-7.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64"
},
"product_reference": "grafana-0:10.2.6-7.el9_5.x86_64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le"
},
"product_reference": "grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x"
},
"product_reference": "grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debuginfo-0:10.2.6-7.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64"
},
"product_reference": "grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64"
},
"product_reference": "grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le"
},
"product_reference": "grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x"
},
"product_reference": "grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-debugsource-0:10.2.6-7.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64"
},
"product_reference": "grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64"
},
"product_reference": "grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le"
},
"product_reference": "grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x"
},
"product_reference": "grafana-selinux-0:10.2.6-7.el9_5.s390x",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "grafana-selinux-0:10.2.6-7.el9_5.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
},
"product_reference": "grafana-selinux-0:10.2.6-7.el9_5.x86_64",
"relates_to_product_reference": "AppStream-9.5.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-12T10:24:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9473"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-47875",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-10-11T15:20:07.304345+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2318052"
}
],
"notes": [
{
"category": "description",
"text": "DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMpurify was vulnerable to nesting-based mXSS. This vulnerability is fixed in 2.5.0 and 3.1.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: nesting-based mutation XSS vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-47875"
},
{
"category": "external",
"summary": "RHBZ#2318052",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318052"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-47875",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-47875"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098",
"url": "https://github.com/cure53/DOMPurify/blob/0ef5e537a514f904b6aa1d7ad9e749e365d7185f/test/test-suite.js#L2098"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f",
"url": "https://github.com/cure53/DOMPurify/commit/0ef5e537a514f904b6aa1d7ad9e749e365d7185f"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a",
"url": "https://github.com/cure53/DOMPurify/commit/6ea80cd8b47640c20f2f230c7920b1f4ce4fdf7a"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-gx9m-whjm-85jf"
}
],
"release_date": "2024-10-11T15:15:05.860000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-12T10:24:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9473"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.src",
"AppStream-9.5.0.Z.MAIN:grafana-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debuginfo-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-debugsource-0:10.2.6-7.el9_5.x86_64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.aarch64",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.ppc64le",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.s390x",
"AppStream-9.5.0.Z.MAIN:grafana-selinux-0:10.2.6-7.el9_5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "dompurify: nesting-based mutation XSS vulnerability"
}
]
}
RHSA-2024_9485
Vulnerability from csaf_redhat - Published: 2024-11-13 13:14 - Updated: 2024-12-17 22:52A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was discovered in Go's net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Go's crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Go's net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in Go's html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Control plane Operators for RHOSO 18.0.3 (Feature Release 1).\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Security fix(es):\n\n* Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. (CVE-2024-34156)\n\n* When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded. (CVE-2023-45289)\n\n* When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permitted a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. (CVE-2023-45290)\n\n* Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates. (CVE-2024-24783)\n\n* The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers. (CVE-2024-24784)\n\n* If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the\nhtml/template package, allowing for subsequent actions to inject unexpected content into templates. (CVE-2024-24785)\n\n* A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop. (CVE-2024-24788)\n\n* Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion. (CVE-2024-34155)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9485",
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "OSPRH-10035",
"url": "https://issues.redhat.com/browse/OSPRH-10035"
},
{
"category": "external",
"summary": "OSPRH-10040",
"url": "https://issues.redhat.com/browse/OSPRH-10040"
},
{
"category": "external",
"summary": "OSPRH-10090",
"url": "https://issues.redhat.com/browse/OSPRH-10090"
},
{
"category": "external",
"summary": "OSPRH-10141",
"url": "https://issues.redhat.com/browse/OSPRH-10141"
},
{
"category": "external",
"summary": "OSPRH-10195",
"url": "https://issues.redhat.com/browse/OSPRH-10195"
},
{
"category": "external",
"summary": "OSPRH-10282",
"url": "https://issues.redhat.com/browse/OSPRH-10282"
},
{
"category": "external",
"summary": "OSPRH-10288",
"url": "https://issues.redhat.com/browse/OSPRH-10288"
},
{
"category": "external",
"summary": "OSPRH-10411",
"url": "https://issues.redhat.com/browse/OSPRH-10411"
},
{
"category": "external",
"summary": "OSPRH-105",
"url": "https://issues.redhat.com/browse/OSPRH-105"
},
{
"category": "external",
"summary": "OSPRH-10612",
"url": "https://issues.redhat.com/browse/OSPRH-10612"
},
{
"category": "external",
"summary": "OSPRH-10639",
"url": "https://issues.redhat.com/browse/OSPRH-10639"
},
{
"category": "external",
"summary": "OSPRH-10725",
"url": "https://issues.redhat.com/browse/OSPRH-10725"
},
{
"category": "external",
"summary": "OSPRH-1099",
"url": "https://issues.redhat.com/browse/OSPRH-1099"
},
{
"category": "external",
"summary": "OSPRH-11068",
"url": "https://issues.redhat.com/browse/OSPRH-11068"
},
{
"category": "external",
"summary": "OSPRH-1478",
"url": "https://issues.redhat.com/browse/OSPRH-1478"
},
{
"category": "external",
"summary": "OSPRH-2428",
"url": "https://issues.redhat.com/browse/OSPRH-2428"
},
{
"category": "external",
"summary": "OSPRH-3466",
"url": "https://issues.redhat.com/browse/OSPRH-3466"
},
{
"category": "external",
"summary": "OSPRH-3467",
"url": "https://issues.redhat.com/browse/OSPRH-3467"
},
{
"category": "external",
"summary": "OSPRH-4128",
"url": "https://issues.redhat.com/browse/OSPRH-4128"
},
{
"category": "external",
"summary": "OSPRH-6501",
"url": "https://issues.redhat.com/browse/OSPRH-6501"
},
{
"category": "external",
"summary": "OSPRH-6624",
"url": "https://issues.redhat.com/browse/OSPRH-6624"
},
{
"category": "external",
"summary": "OSPRH-6720",
"url": "https://issues.redhat.com/browse/OSPRH-6720"
},
{
"category": "external",
"summary": "OSPRH-6951",
"url": "https://issues.redhat.com/browse/OSPRH-6951"
},
{
"category": "external",
"summary": "OSPRH-7324",
"url": "https://issues.redhat.com/browse/OSPRH-7324"
},
{
"category": "external",
"summary": "OSPRH-7610",
"url": "https://issues.redhat.com/browse/OSPRH-7610"
},
{
"category": "external",
"summary": "OSPRH-7817",
"url": "https://issues.redhat.com/browse/OSPRH-7817"
},
{
"category": "external",
"summary": "OSPRH-7821",
"url": "https://issues.redhat.com/browse/OSPRH-7821"
},
{
"category": "external",
"summary": "OSPRH-8038",
"url": "https://issues.redhat.com/browse/OSPRH-8038"
},
{
"category": "external",
"summary": "OSPRH-8058",
"url": "https://issues.redhat.com/browse/OSPRH-8058"
},
{
"category": "external",
"summary": "OSPRH-8065",
"url": "https://issues.redhat.com/browse/OSPRH-8065"
},
{
"category": "external",
"summary": "OSPRH-8069",
"url": "https://issues.redhat.com/browse/OSPRH-8069"
},
{
"category": "external",
"summary": "OSPRH-8072",
"url": "https://issues.redhat.com/browse/OSPRH-8072"
},
{
"category": "external",
"summary": "OSPRH-8074",
"url": "https://issues.redhat.com/browse/OSPRH-8074"
},
{
"category": "external",
"summary": "OSPRH-8078",
"url": "https://issues.redhat.com/browse/OSPRH-8078"
},
{
"category": "external",
"summary": "OSPRH-8118",
"url": "https://issues.redhat.com/browse/OSPRH-8118"
},
{
"category": "external",
"summary": "OSPRH-8192",
"url": "https://issues.redhat.com/browse/OSPRH-8192"
},
{
"category": "external",
"summary": "OSPRH-8193",
"url": "https://issues.redhat.com/browse/OSPRH-8193"
},
{
"category": "external",
"summary": "OSPRH-8195",
"url": "https://issues.redhat.com/browse/OSPRH-8195"
},
{
"category": "external",
"summary": "OSPRH-8212",
"url": "https://issues.redhat.com/browse/OSPRH-8212"
},
{
"category": "external",
"summary": "OSPRH-8290",
"url": "https://issues.redhat.com/browse/OSPRH-8290"
},
{
"category": "external",
"summary": "OSPRH-8508",
"url": "https://issues.redhat.com/browse/OSPRH-8508"
},
{
"category": "external",
"summary": "OSPRH-8535",
"url": "https://issues.redhat.com/browse/OSPRH-8535"
},
{
"category": "external",
"summary": "OSPRH-8582",
"url": "https://issues.redhat.com/browse/OSPRH-8582"
},
{
"category": "external",
"summary": "OSPRH-9285",
"url": "https://issues.redhat.com/browse/OSPRH-9285"
},
{
"category": "external",
"summary": "OSPRH-9371",
"url": "https://issues.redhat.com/browse/OSPRH-9371"
},
{
"category": "external",
"summary": "OSPRH-9411",
"url": "https://issues.redhat.com/browse/OSPRH-9411"
},
{
"category": "external",
"summary": "OSPRH-9455",
"url": "https://issues.redhat.com/browse/OSPRH-9455"
},
{
"category": "external",
"summary": "OSPRH-9908",
"url": "https://issues.redhat.com/browse/OSPRH-9908"
},
{
"category": "external",
"summary": "OSPRH-9910",
"url": "https://issues.redhat.com/browse/OSPRH-9910"
},
{
"category": "external",
"summary": "OSPRH-9991",
"url": "https://issues.redhat.com/browse/OSPRH-9991"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9485.json"
}
],
"title": "Red Hat Security Advisory: Control plane Operators for RHOSO 18.0.3 (Feature Release 1) security update",
"tracking": {
"current_release_date": "2024-12-17T22:52:33+00:00",
"generator": {
"date": "2024-12-17T22:52:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:9485",
"initial_release_date": "2024-11-13T13:14:57+00:00",
"revision_history": [
{
"date": "2024-11-13T13:14:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-13T13:14:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T22:52:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "9Base-RHOSO-1.0-PODIFIED",
"product": {
"name": "9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack_podified:1.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Services on OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"product": {
"name": "rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"product_id": "rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/barbican-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"product": {
"name": "rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"product_id": "rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/cinder-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"product": {
"name": "rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"product_id": "rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/designate-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"product": {
"name": "rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"product_id": "rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"product_identification_helper": {
"purl": "pkg:oci/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/glance-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"product": {
"name": "rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"product_id": "rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/heat-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"product": {
"name": "rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"product_id": "rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/horizon-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"product": {
"name": "rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"product_id": "rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/infra-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"product": {
"name": "rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"product_id": "rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/ironic-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"product": {
"name": "rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"product_id": "rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/keystone-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"product": {
"name": "rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"product_id": "rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"product_identification_helper": {
"purl": "pkg:oci/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/manila-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"product": {
"name": "rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"product_id": "rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/mariadb-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"product": {
"name": "rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"product_id": "rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"product_identification_helper": {
"purl": "pkg:oci/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/neutron-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"product": {
"name": "rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"product_id": "rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/nova-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"product": {
"name": "rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"product_id": "rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"product_identification_helper": {
"purl": "pkg:oci/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/octavia-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"product": {
"name": "rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"product_id": "rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/openstack-baremetal-agent-rhel9\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"product": {
"name": "rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"product_id": "rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/openstack-baremetal-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"product": {
"name": "rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"product_id": "rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/openstack-must-gather-rhel9\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"product": {
"name": "rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"product_id": "rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/openstack-rhel9-operator\u0026tag=1.0.4-6"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"product": {
"name": "rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"product_id": "rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/ovn-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"product": {
"name": "rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"product_id": "rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/placement-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"product": {
"name": "rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"product_id": "rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/rabbitmq-cluster-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"product": {
"name": "rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"product_id": "rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/sg-core-rhel9\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"product": {
"name": "rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"product_id": "rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"product_identification_helper": {
"purl": "pkg:oci/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/swift-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"product": {
"name": "rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"product_id": "rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"product_identification_helper": {
"purl": "pkg:oci/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/telemetry-rhel9-operator\u0026tag=1.0.4-4"
}
}
},
{
"category": "product_version",
"name": "rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64",
"product": {
"name": "rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64",
"product_id": "rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64",
"product_identification_helper": {
"purl": "pkg:oci/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98?arch=amd64\u0026repository_url=registry.redhat.io/rhoso-operators/test-rhel9-operator\u0026tag=1.0.4-4"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64"
},
"product_reference": "rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64"
},
"product_reference": "rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64"
},
"product_reference": "rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64"
},
"product_reference": "rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64"
},
"product_reference": "rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64"
},
"product_reference": "rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64"
},
"product_reference": "rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64"
},
"product_reference": "rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64"
},
"product_reference": "rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64"
},
"product_reference": "rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64"
},
"product_reference": "rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64"
},
"product_reference": "rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64"
},
"product_reference": "rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64"
},
"product_reference": "rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64"
},
"product_reference": "rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64"
},
"product_reference": "rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64"
},
"product_reference": "rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64"
},
"product_reference": "rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64"
},
"product_reference": "rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64"
},
"product_reference": "rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64"
},
"product_reference": "rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64"
},
"product_reference": "rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64"
},
"product_reference": "rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64"
},
"product_reference": "rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64 as a component of 9Base-RHOSO-1.0-PODIFIED",
"product_id": "9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
},
"product_reference": "rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64",
"relates_to_product_reference": "9Base-RHOSO-1.0-PODIFIED"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2023-45290",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268017"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in Go\u0027s net/http standard library package. When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "RHBZ#2268017",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268017"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45290",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45290"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45290"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://go.dev/cl/569341",
"url": "https://go.dev/cl/569341"
},
{
"category": "external",
"summary": "https://go.dev/issue/65383",
"url": "https://go.dev/issue/65383"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2599",
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0004",
"url": "https://security.netapp.com/advisory/ntap-20240329-0004"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm"
},
{
"cve": "CVE-2024-24783",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268019"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s crypto/x509 standard library package. Verifying a certificate chain that contains a certificate with an unknown public key algorithm will cause a Certificate.Verify to panic. This issue affects all crypto/tls clients and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "RHBZ#2268019",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268019"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24783",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24783"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2024/03/08/4",
"url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp",
"url": "https://github.com/advisories/GHSA-3q2c-pvp5-3cqp"
},
{
"category": "external",
"summary": "https://go.dev/cl/569339",
"url": "https://go.dev/cl/569339"
},
{
"category": "external",
"summary": "https://go.dev/issue/65390",
"url": "https://go.dev/issue/65390"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2598",
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240329-0005",
"url": "https://security.netapp.com/advisory/ntap-20240329-0005"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm"
},
{
"cve": "CVE-2024-24784",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268021"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/mail standard library package. The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions made by programs using different parsers.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/mail: comments in display names are incorrectly handled",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "RHBZ#2268021",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268021"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24784"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24784"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/mail: comments in display names are incorrectly handled"
},
{
"cve": "CVE-2024-24785",
"cwe": {
"id": "CWE-74",
"name": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268022"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s html/template standard library package. If errors returned from MarshalJSON methods contain user-controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing subsequent actions to inject unexpected content into templates.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: errors returned from MarshalJSON methods may break template escaping",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "RHBZ#2268022",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268022"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24785"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24785"
},
{
"category": "external",
"summary": "https://go.dev/cl/564196",
"url": "https://go.dev/cl/564196"
},
{
"category": "external",
"summary": "https://go.dev/issue/65697",
"url": "https://go.dev/issue/65697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg",
"url": "https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2024-2610.json",
"url": "https://vuln.go.dev/ID/GO-2024-2610.json"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: errors returned from MarshalJSON methods may break template escaping"
},
{
"cve": "CVE-2024-24788",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: malformed DNS message can cause infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "RHBZ#2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2824",
"url": "https://pkg.go.dev/vuln/GO-2024-2824"
}
],
"release_date": "2024-05-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: malformed DNS message can cause infinite loop"
},
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T13:14:57+00:00",
"details": "RHOSO OpenStack Podified Control Plane Operators",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/barbican-rhel9-operator@sha256:9d4c302bf3ef3861b54fc401d1742e91b089e9172c28fcf7d450dac4c50f03ea_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/cinder-rhel9-operator@sha256:5b0a67c7eb1eeda740c1d7659eea8ab51a21427e1ba2ff1714860bc7f01a3ca6_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/designate-rhel9-operator@sha256:a5646a3a3d6f7584538ecddeac5537e26ae6c0f60b36df7ebae1bd527cc982c7_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/glance-rhel9-operator@sha256:a1c8bcc3bc80b8787bed607276084c23bc7891ddb91eba6f145779a8fe481834_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/heat-rhel9-operator@sha256:ea965c08c2c7d31410ed80b8eb808933cc511783f8c69b0d1bd8a17ee9abf19d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/horizon-rhel9-operator@sha256:17246bbe4f31daffc1614ac6a3d5d90a552b2cdd68d757bd48be6c57d31f6c2e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/infra-rhel9-operator@sha256:5c873e80bc6a33ac0244e75ef93582e22f211125ed50fd06b4537cc8db15e37e_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ironic-rhel9-operator@sha256:030589a0e86a20a306c3e9118c3f29ee95d409fc88a1173f174c11556c6ca58c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/keystone-rhel9-operator@sha256:6d2d87f44b7c0b3b5aff6bc2ad112d4bcd3e5f2a2a157f449842cc9340789392_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/manila-rhel9-operator@sha256:15356683398fada9c162ccc37f150477f39a1c53f55033d07c712ad6aa317e36_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/mariadb-rhel9-operator@sha256:98bcc0d3c4b05d160a615165426c13bb2318597fa126c2fe9a38688d81fd4ea1_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/neutron-rhel9-operator@sha256:850c2f1377fa0a5a0143ed226abccbec78ed03d86adcdc1e9daaa2dd45614d49_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/nova-rhel9-operator@sha256:641657e9340a21d5e82e81407b2b3719df6eed8cd8334171aaa338dde86d6d52_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/octavia-rhel9-operator@sha256:605b6c299ab3bd243638a7896c2f5105fcfddbe92d1d6975ad3819f449c00709_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-agent-rhel9@sha256:f08212d197b81bbcd1e44ffb5e20d2b7327b3b438b103e37065783f9027c020c_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-baremetal-rhel9-operator@sha256:0960068ccad1929734b174c67a64e06d7afc1851123c117dc942d2873046f808_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-must-gather-rhel9@sha256:586ab3bab72c0dd76418c6e4fbf49577c289430212567aab495cd7231d52e4fc_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/openstack-rhel9-operator@sha256:7d7de1bbcd1154bb6aa9c1d0e94c1413aad4714b3cbe8d6d2512bca238af3292_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/ovn-rhel9-operator@sha256:cca32c23677bf4ad3405d7151ced32b4963860edd50981b236b8ef636567e982_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/placement-rhel9-operator@sha256:44c1ef6eacfa049e4846dabd182648ccad01df7f5019ac7ea9d98bc8b0e2d95f_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/rabbitmq-cluster-rhel9-operator@sha256:e9f6e20f5e7a11cea3533cebc6834ce36d20007ad3fc866c373e410c66c8195d_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/sg-core-rhel9@sha256:e40fac6ed64076c41c6056df02153011ea9ac575ca018aa1c9c3b8093426f6d4_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/swift-rhel9-operator@sha256:59483bd45a23f40462c37064ec6dc334b8366f6266aa959825d2a8ed7075ff40_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/telemetry-rhel9-operator@sha256:66fefdca3acda5f33d8eefe32abd3a2c1e3665e5ae9456683dca604524001695_amd64",
"9Base-RHOSO-1.0-PODIFIED:rhoso-operators/test-rhel9-operator@sha256:e248484aaea76516e4c504439608f3ccfd5236756521156780ada8a14bf25b98_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
}
]
}
RHSA-2024_9583
Vulnerability from csaf_redhat - Published: 2024-11-13 18:00 - Updated: 2024-12-18 04:40A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64 | — | ||
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le | — |
A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn't behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x | — |
Workaround
|
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x | — |
Workaround
|
A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x | — |
Workaround
|
A prototype pollution vulnerability was found in DOMPurify. This flaw allows a remote attacker to add or modify attributes of an object prototype. This issue can lead to the injection of malicious attributes used in other components or cause a crash by overriding existing attributes with ones of incompatible type.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS). The updated image includes a bug fix and security fixes.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.4.6 introduces the following changes:\n\nBug fix:\n\n* Fixed an issue where you could not view detailed scan results for certain images in RHACS because the page redirected to an error after a brief display. (ROX-24326)\n\nSecurity fixes:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* body-parser: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n\n* dompurify: DOMPurify vulnerable to tampering by prototype pollution (CVE-2024-48910)\n\n* golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)\n\n* golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses (CVE-2024-24790)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9583",
"url": "https://access.redhat.com/errata/RHSA-2024:9583"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html",
"url": "https://docs.openshift.com/acs/4.4/release_notes/44-release-notes.html"
},
{
"category": "external",
"summary": "2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2322949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322949"
},
{
"category": "external",
"summary": "ROX-24326",
"url": "https://issues.redhat.com/browse/ROX-24326"
},
{
"category": "external",
"summary": "ROX-26880",
"url": "https://issues.redhat.com/browse/ROX-26880"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9583.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.4 enhancement update",
"tracking": {
"current_release_date": "2024-12-18T04:40:08+00:00",
"generator": {
"date": "2024-12-18T04:40:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:9583",
"initial_release_date": "2024-11-13T18:00:45+00:00",
"revision_history": [
{
"date": "2024-11-13T18:00:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-13T18:00:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:40:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.4 for RHEL 8",
"product": {
"name": "RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.6-2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.6-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8\u0026tag=4.4.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8\u0026tag=4.4.6-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64 as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x as a component of RHACS 4.4 for RHEL 8",
"product_id": "8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x",
"relates_to_product_reference": "8Base-RHACS-4.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T18:00:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.6.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9583"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-24790",
"cwe": {
"id": "CWE-115",
"name": "Misinterpretation of Input"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292787"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go language standard library net/netip. The method Is*() (IsPrivate(), IsPublic(), etc) doesn\u0027t behave properly when working with IPv6 mapped to IPv4 addresses. The unexpected behavior can lead to integrity and confidentiality issues, specifically when these methods are used to control access to resources or data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This CVE has been marked as moderate as for our products a network-based attack vector is simply impossible when it comes to golang code,apart from that as per CVE flaw analysis reported by golang, this only affects integrity and confidentiality and has no effect on availability, hence CVSS has been marked as such.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "RHBZ#2292787",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292787"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24790",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24790"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24790"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T18:00:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.6.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9583"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T18:00:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.6.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9583"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T18:00:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.6.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9583"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-48910",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"discovery_date": "2024-10-31T15:00:53.609372+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2322949"
}
],
"notes": [
{
"category": "description",
"text": "A prototype pollution vulnerability was found in DOMPurify. This flaw allows a remote attacker to add or modify attributes of an object prototype. This issue can lead to the injection of malicious attributes used in other components or cause a crash by overriding existing attributes with ones of incompatible type.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: DOMPurify vulnerable to tampering by prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The prototype pollution vulnerability in DOMPurify is considered a high-severity issue because it allows attackers to modify the prototype of built-in JavaScript objects, potentially impacting the entire application. This could lead to security risks, such as overwriting methods on fundamental objects like `Object`, `Array`, or `Function`, allowing attackers to manipulate application behavior, bypass security controls, or cause application crashes. Given that DOMPurify is a core library for sanitizing user input, an attacker exploiting this vulnerability could gain control over how sanitized content is processed, leading to the execution of malicious scripts or triggering other unintended behaviors across the application.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"known_not_affected": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-48910"
},
{
"category": "external",
"summary": "RHBZ#2322949",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2322949"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-48910",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48910"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-48910",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-48910"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc",
"url": "https://github.com/cure53/DOMPurify/commit/d1dd0374caef2b4c56c3bd09fe1988c3479166dc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-p3vf-v8qc-cwcr"
}
],
"release_date": "2024-10-31T14:22:52.867000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-13T18:00:45+00:00",
"details": "If you are using an earlier version of RHACS 4.4, you are advised to upgrade to this patch release 4.4.6.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9583"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9178124bc5c25689fcc7f18e612324eb960a89cd9953e25ddcfb86901cef121f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:c4fb7a4e30d0e7e8849e37bc6109f23670036f33eea58f5d298b442ce1afb671_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-central-db-rhel8@sha256:ee6981dd3ba39a27922af01c8b4daadbefe669bf749323c2f6c1b338130d51ca_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:7e8ecd268fc23e6012789bf37c79e3f32b2b97fb8680212de48c9d2b45ed6039_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:95cb6eda4d1ab5fc90ac93317051262c3f1fece5bc038ecee402d9637ac9065b_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-rhel8@sha256:d889a70c089484065a2ec82125046ab4a33b128f4dde1964cc079351870e9fb4_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4841ffb3af288d62c7b55bc8aa0181a22f9115412412199d47ee867bc993dcb1_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:891a5bfabb3caa1500e010a5fa52cb8cb0ae5e891927f29482b60d0c5ff3a689_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:b0ad6462f9116dfef5d6f674abb40888fe0838f63ea63a910e28108fa9cfac96_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:81b5d9d7c45c4a8609c777e658eb8898e655799c813049ea75b0ad235d6c6031_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:91807217f7a5d5a234fe52d22ab0efb5d1555ecbea6bf0e73ea22986f0ccd7b9_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-main-rhel8@sha256:ae1ec07ca41d555e1979d5a78c2a5d73b1ba40deea93fd9c68480dd2a273107d_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:1ca8319a9362df3b09515f3a721152af15068cb98596fabd202be639ec847cd8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:7a5e9703c62f13b5b9541dacb86b864a02399a2facc5e77da50c990742fa48db_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-operator-bundle@sha256:b481c31ea787bb4817304023ab223996b5deaf01f0c80557d652ca2e76a3dfc5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:16557a28d0f406947511e9c0ac45ee817ea140889bafcb904cac32bd8bd5e1f8_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:2fd7371cc9b6d31e893ccf947e1eb82dfdafe64cf52f5180fb56eda3b5f39c1e_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-rhel8-operator@sha256:f06e63143446f6adaa05e172e6badc0d1d5ed4c84e2d5d2557d6009f2f8fc020_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:138e5980154aaa0ac5e9298f784b526351c99704cf695ee431501323ca009ee3_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:825d631625833d741b1a1b5dc5b4ed58931bba19c0df3dfffbe37c8d288501d3_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:973018e772a918fdf56c326a9a2dab6930d0495b8832d93a9ce38715bdd3a793_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3661729758bf85f23ea026ee63878c37e633a559e3a9cb62831c5756208849e0_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:7c958195cb7c571b2281e68812730e5bfdb56239dd78cd7eef68c78305df3a22_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:e343a83ec73665ed07c5960878a1b523c2cec5d5f1c17bfbedda3fc1a1670f3f_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:0c937e3b9c64f9b162cfbe427f7302dae647ede0a521954c2dcda9ae5209c02f_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:c8ac90dab1deddcca3eeba5fbe21393745a83241bf58c5e45346d1d8136bc766_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:dd5bcce7eab9696f3df21db09e63df3a80ce8e5fa64120b0fcaf68abde0d0ba1_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:1d91f26a507a68b406bb35e5773a482ae91e395ee2076a8c1a518f20c5709d39_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:85a7cd5b497ecaa4050bd1a1452da303a188c8c39e647506a97cb51f77bd15ed_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-rhel8@sha256:ad57793f8387672543643510eb5ed7e7bbc3fff4b40b8f46c0133cbaba20fad3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4394e75958311552877cfb76fc7b6e2fb8b2bce515c0e1caf4a8dd74c656b391_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:4f0354935b9ed09306af1ed8484da9b36fe0bac08ffa846c8b8ea882fef672f5_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:881b3767f0cfe08cb5fac5fcb8869410c05978909ab3cf8e1c636ab3676c9fc8_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:c6d670d1f82894be7a953b784958929790702a922f13237cba2653bb85541d34_s390x",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:d4ab8e4dbf191fb71d9b7457846e5544949d03c356c6c855f5490e819b50ab01_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:fc03767015d6a89e53ca40378638f2e392941b7ff2e3a820b9528d7fcd0e3db9_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:044dd53b4b98134210f70146352a200965479f3a585c025b4d754fe891ec9bc3_amd64",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:99c096b912ee9f55ad36d402a0e78ba2dfc4120313d3bdb9fc0254f3ef0bfebc_ppc64le",
"8Base-RHACS-4.4:advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c1481660a52b4d594368f1fe9b55646ac09d71ca8b6039e983752fa3185976bf_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "dompurify: DOMPurify vulnerable to tampering by prototype pollution"
}
]
}
RHSA-2024_9960
Vulnerability from csaf_redhat - Published: 2024-11-19 01:54 - Updated: 2024-12-18 04:19A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64 | — | ||
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64 | — |
A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64 | — |
Workaround
|
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64 | — |
Workaround
|
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64 | — |
Workaround
|
A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.3.4 is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* containers/image: digest type does not guarantee valid type (CVE-2024-3727)\n\n* net/http: Denial of service due to improper 100-continue handling in net/http (CVE-2024-24791)\n\n* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n\n* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:9960",
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "OADP-2944",
"url": "https://issues.redhat.com/browse/OADP-2944"
},
{
"category": "external",
"summary": "OADP-3010",
"url": "https://issues.redhat.com/browse/OADP-3010"
},
{
"category": "external",
"summary": "OADP-3050",
"url": "https://issues.redhat.com/browse/OADP-3050"
},
{
"category": "external",
"summary": "OADP-3052",
"url": "https://issues.redhat.com/browse/OADP-3052"
},
{
"category": "external",
"summary": "OADP-3562",
"url": "https://issues.redhat.com/browse/OADP-3562"
},
{
"category": "external",
"summary": "OADP-3630",
"url": "https://issues.redhat.com/browse/OADP-3630"
},
{
"category": "external",
"summary": "OADP-4736",
"url": "https://issues.redhat.com/browse/OADP-4736"
},
{
"category": "external",
"summary": "OADP-4803",
"url": "https://issues.redhat.com/browse/OADP-4803"
},
{
"category": "external",
"summary": "OADP-5111",
"url": "https://issues.redhat.com/browse/OADP-5111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9960.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.3.4 security and bug fix update",
"tracking": {
"current_release_date": "2024-12-18T04:19:05+00:00",
"generator": {
"date": "2024-12-18T04:19:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2024:9960",
"initial_release_date": "2024-11-19T01:54:11+00:00",
"revision_history": [
{
"date": "2024-11-19T01:54:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-11-19T01:54:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-18T04:19:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "9Base-OADP-1.3",
"product": {
"name": "9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.3::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.4-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.4-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"product_id": "oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.4-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"product_id": "oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.4-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.4-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.4-10"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.4-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.4-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"product_id": "oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.4-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64",
"product_id": "oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.4-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.4-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.4-10"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.4-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.4-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"product_id": "oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.4-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"product_id": "oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.4-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.4-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.4-10"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.3.4-16"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"product_id": "oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.3.4-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"product_id": "oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.3.4-13"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"product_id": "oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.3.4-10"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.3.4-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"product_id": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-csi-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.3.4-7"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.3.4-10"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"relates_to_product_reference": "9Base-OADP-1.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64 as a component of 9Base-OADP-1.3",
"product_id": "9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64",
"relates_to_product_reference": "9Base-OADP-1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-3727",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2024-04-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274767"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containers/image: digest type does not guarantee valid type",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Some conditions are necessary for this attack to occur, such as the attacker being able to upload malicious images to the registry and persuade a victim to pull them. Hence, the severity of this flaw was rated as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3727"
},
{
"category": "external",
"summary": "RHBZ#2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-19T01:54:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containers/image: digest type does not guarantee valid type"
},
{
"cve": "CVE-2024-24791",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-07-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go. The net/http module mishandles specific server responses from HTTP/1.1 client requests. This issue may render a connection invalid and cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/http: Denial of service due to improper 100-continue handling in net/http",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "An attacker would need to control a malicious server and induce a client to connect to it, requiring some amount of preparation outside of the attacker\u0027s control. This reduces the severity score of this flaw to Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "RHBZ#2295310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24791",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24791"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24791"
},
{
"category": "external",
"summary": "https://go.dev/cl/591255",
"url": "https://go.dev/cl/591255"
},
{
"category": "external",
"summary": "https://go.dev/issue/67555",
"url": "https://go.dev/issue/67555"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ",
"url": "https://groups.google.com/g/golang-dev/c/t0rK-qHBqzY/m/6MMoAZkMAgAJ"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-19T01:54:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "net/http: Denial of service due to improper 100-continue handling in net/http"
},
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-19T01:54:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-19T01:54:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"known_not_affected": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-11-19T01:54:11+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:2bbe258bd894d2f1a7ae940fb0794e3e2da6d50b92535b02b653eea21e156ec4_s390x",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:6818ab81497735d1ccaebd8814af9104260eb4c5ce484320c19b01d0bc2427d2_ppc64le",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8caa969bec4ef8787e0ca5530c491ddc91f3d1ed19ff20648e795432c0c50e67_amd64",
"9Base-OADP-1.3:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3d9f7acc10c5c86a4651eb6e3d7785d0c3b235c07937508f71cbc3cc71119c6_arm64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1e0cfc88f7d10b795f69b9328c8decb82cf578f6094a0028e582f643a76615b9_ppc64le",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:1faadcb77447ca04952734f846cd04bbf688ef430b568b7c0fd0b4a9d57944e5_amd64",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:550a940f0243123a6ab9c3a2a34b9b8d314850646d3b73baf767ccfb958bc884_s390x",
"9Base-OADP-1.3:oadp/oadp-mustgather-rhel9@sha256:96f253071d1ed16b7c858d1c42114691307a2faac72619ee32f5a1ff90db8d17_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:0ca0153fd4b04609f4ba5953de6f3e9e6c7f716324529ec386d741b51deef007_ppc64le",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:753f1a59e04ed4b0d30791122d76065f3773ec3d26c39316655481f7834db982_s390x",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:e197d60887b37e7aec407c9872ec545fe73901de58a4803e56630a2918213dca_arm64",
"9Base-OADP-1.3:oadp/oadp-operator-bundle@sha256:fdd33c1ab911d0b8e38a8358813de8d49f2ff8dec77a5d2ed57e11b81da83562_amd64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:31fae3bc4af8243f6b02235f746b309c5e5eaa6ef3138c1d23cb5add5f3820a0_arm64",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:5743d98dca1fd770c100db49d07841ea1aad5f28c85e3ac4d3fe8e4af816a039_s390x",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:a7aacf39f3740e328f2c2c91a96d774af8af64a0c22583eff5e4f73310a0a365_ppc64le",
"9Base-OADP-1.3:oadp/oadp-rhel9-operator@sha256:ae9c1ff570daf3f63b2c0624a83e6e577ee3476f812c149f0a56c67527b6a21a_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:3c3b4a09d8ccd72def3569c0e1f99be0b1ee452ad2db49ce46811fd6d394af89_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:4fcbd1b09c6673f364777d5970867a51e3510c3d8b12513b7807a025e913051d_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:765e3bdb4fc1240d51adb92fcaa72c5e0dd89ca7668eeb7d6e61491c1ec89d6f_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:9d76566fcc91da5abdbc401470ac50e339b4faa5613e9d75f431a1b289b91c3e_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:0c35864cbaa0f6bec4202004641cdff2b130592e2ce8c66f0179abff8b22d065_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:26ecf9b62abd992a138c0efdbac768af2994261506c87f45ef5c484dffcce943_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:2824aa03cdaffe44f21e6f58b57e8cf650cb0e96e15b2fcc987e146678d521ed_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-csi-rhel9@sha256:cc47ecae2f0d0306f3fc1bfbc13104a99e9fcc093f8c2f05ea479f5a2f966eff_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:426359cc8df7743269b5083bf218f28189d6a2736872d9afb3909d9e7c1c1861_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:4f684ef7417ede239193b32be628a4e3ede4f238d01c457b0cb5283b4e17dd9c_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:87e2c30f1b04741775e9b6d73e095585f78bdfd7ea8715cd5fdb1bc65e2bf3ad_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:b324db4dd92975489a8ceba2d72ba694b6731782dece3d5df93297e23881011e_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:193715bff5bd4bc93fbe8b7313225569ab4b2943d8003dd6d29ca74457621e9a_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:71bb8e7d4c7e8f6622e958ec38303f1def3f4d4e36e545ce339dae128a6a4348_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:9515898ce41f4f53ea69297ab578298ec70e7f4828bb7769a246f41af5cf5851_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:a853fb4574549241c758e7736e67641e019c41c557d1f0afb2f054155fb84a55_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:64d89d0cb1770aa865a932be052bb03c4e4f6bb47dcc6991365b9b25558361b2_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:da2f9dbd22533067dcc2a635a3f2c441cb69a1acb4793fd80b004368dbc0e5ab_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:e28ec47df651730661f559629b8b7a33bfc704c69807b1b8280c258152f63b38_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-plugin-rhel9@sha256:f3cca8a8c57093fc128d7731257396dda9ed179890d2f6712ed5834d04973659_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:172cc60b6553bfe1016150c87a32bf10f0b77237ca009db8d75c8c6497c82653_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:4f60326e0beaaeb585eaae1b4a84d3710603372d8b1fcb89a741aef9ebafb71b_amd64",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:d8fe9c10704991d25049ed7358bc188ea858ad16035d5eecdff119f9bda6c541_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:e365760218025d9ce7dd9c5ad2534c4dae757b459749a6d199daae872b83baff_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:574b94fa671857552d1a413f84a7c9389543485276e224da4abc991e831ebfe4_s390x",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:898d2f75a55aeea661ed8533b70a65ec430c05cd5aa3f834eaa2502dd7c6c149_ppc64le",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:db259445df5ff6a5bd0faa9ed04e2d0efd61a9af703b2d48db1ab9bc115d7abb_arm64",
"9Base-OADP-1.3:oadp/oadp-velero-rhel9@sha256:dfb0c4c14278e05c9909d3d2dd76bf264008429e769bbbb18a52409fce7f4fce_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
}
]
}
RHSA-2025:0203
Vulnerability from csaf_redhat - Published: 2025-01-09 14:59 - Updated: 2026-07-01 14:00A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for etcd is now available for Red Hat OpenStack Platform 16.2\n(Train) for Red Hat Enterprise Linux (RHEL) 8.4.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A highly-available key value store for shared configuration\n\nSecurity Fix(es):\n\n* golang: Calling Decoder.Decode on a message which contains deeply nested\nstructures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:0203",
"url": "https://access.redhat.com/errata/RHSA-2025:0203"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0203.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (etcd) security update",
"tracking": {
"current_release_date": "2026-07-01T14:00:06+00:00",
"generator": {
"date": "2026-07-01T14:00:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2025:0203",
"initial_release_date": "2025-01-09T14:59:44+00:00",
"revision_history": [
{
"date": "2025-01-09T14:59:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-01-09T14:59:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T14:00:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 16.2",
"product": {
"name": "Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:16.2::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-17.el8ost.src",
"product": {
"name": "etcd-0:3.3.23-17.el8ost.src",
"product_id": "etcd-0:3.3.23-17.el8ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-17.el8ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-17.el8ost.x86_64",
"product": {
"name": "etcd-0:3.3.23-17.el8ost.x86_64",
"product_id": "etcd-0:3.3.23-17.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-17.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-17.el8ost.x86_64",
"product": {
"name": "etcd-debugsource-0:3.3.23-17.el8ost.x86_64",
"product_id": "etcd-debugsource-0:3.3.23-17.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-17.el8ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"product": {
"name": "etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"product_id": "etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-17.el8ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.3.23-17.el8ost.ppc64le",
"product": {
"name": "etcd-0:3.3.23-17.el8ost.ppc64le",
"product_id": "etcd-0:3.3.23-17.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.3.23-17.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"product": {
"name": "etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"product_id": "etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.3.23-17.el8ost?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"product": {
"name": "etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"product_id": "etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.3.23-17.el8ost?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-17.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.ppc64le"
},
"product_reference": "etcd-0:3.3.23-17.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-17.el8ost.src as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.src"
},
"product_reference": "etcd-0:3.3.23-17.el8ost.src",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.3.23-17.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.x86_64"
},
"product_reference": "etcd-0:3.3.23-17.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le"
},
"product_reference": "etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.3.23-17.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.x86_64"
},
"product_reference": "etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-17.el8ost.ppc64le as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.ppc64le"
},
"product_reference": "etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"relates_to_product_reference": "8Base-RHOS-16.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.3.23-17.el8ost.x86_64 as a component of Red Hat OpenStack Platform 16.2",
"product_id": "8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.x86_64"
},
"product_reference": "etcd-debugsource-0:3.3.23-17.el8ost.x86_64",
"relates_to_product_reference": "8Base-RHOS-16.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-09T14:59:44+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0203"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.src",
"8Base-RHOS-16.2:etcd-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debuginfo-0:3.3.23-17.el8ost.x86_64",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.ppc64le",
"8Base-RHOS-16.2:etcd-debugsource-0:3.3.23-17.el8ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
}
]
}
RHSA-2025:0771
Vulnerability from csaf_redhat - Published: 2025-01-28 15:50 - Updated: 2026-07-01 14:00A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le | — |
Workaround
|
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le | — |
Workaround
|
A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64 | — |
Workaround
|
|
| Unresolved product id: 9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "OpenShift API for Data Protection (OADP) 1.4.2 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both file system-based and snapshot-based backups for persistent volumes.\n\nSecurity Fix(es) from Bugzilla:\n\n* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\n* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n\n* go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:0771",
"url": "https://access.redhat.com/errata/RHSA-2025:0771"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "OADP-4995",
"url": "https://issues.redhat.com/browse/OADP-4995"
},
{
"category": "external",
"summary": "OADP-5044",
"url": "https://issues.redhat.com/browse/OADP-5044"
},
{
"category": "external",
"summary": "OADP-5095",
"url": "https://issues.redhat.com/browse/OADP-5095"
},
{
"category": "external",
"summary": "OADP-5362",
"url": "https://issues.redhat.com/browse/OADP-5362"
},
{
"category": "external",
"summary": "OADP-5388",
"url": "https://issues.redhat.com/browse/OADP-5388"
},
{
"category": "external",
"summary": "OADP-5460",
"url": "https://issues.redhat.com/browse/OADP-5460"
},
{
"category": "external",
"summary": "OADP-5470",
"url": "https://issues.redhat.com/browse/OADP-5470"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_0771.json"
}
],
"title": "Red Hat Security Advisory: OpenShift API for Data Protection (OADP) 1.4.2 security and bug fix update",
"tracking": {
"current_release_date": "2026-07-01T14:00:06+00:00",
"generator": {
"date": "2026-07-01T14:00:06+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2025:0771",
"initial_release_date": "2025-01-28T15:50:58+00:00",
"revision_history": [
{
"date": "2025-01-28T15:50:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-01-28T15:50:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T14:00:06+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "9Base-OADP-1.4",
"product": {
"name": "9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.2-12"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.2-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"product_id": "oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.2-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"product_id": "oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.2-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x",
"product_id": "oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c?arch=s390x\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.2-11"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.2-12"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.2-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"product_id": "oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.2-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"product_id": "oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.2-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"product_id": "oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0?arch=amd64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.2-11"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.2-12"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.2-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"product_id": "oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.2-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"product_id": "oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.2-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"product_id": "oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19?arch=arm64\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.2-11"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"product": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"product_id": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9\u0026tag=1.4.2-12"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"product": {
"name": "oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"product_id": "oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-mustgather-rhel9\u0026tag=1.4.2-18"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"product": {
"name": "oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"product_id": "oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-operator-bundle\u0026tag=1.4.2-20"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"product": {
"name": "oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"product_id": "oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-rhel9-operator\u0026tag=1.4.2-17"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"product": {
"name": "oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"product_id": "oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"product_id": "oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-rhel9\u0026tag=1.4.2-11"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"product": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"product_id": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9\u0026tag=1.4.2-9"
}
}
},
{
"category": "product_version",
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"product": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"product_id": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp/oadp-velero-restic-restore-helper-rhel9\u0026tag=1.4.2-11"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le"
},
"product_reference": "oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64"
},
"product_reference": "oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le"
},
"product_reference": "oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64"
},
"product_reference": "oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x"
},
"product_reference": "oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le"
},
"product_reference": "oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64 as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"relates_to_product_reference": "9Base-OADP-1.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x as a component of 9Base-OADP-1.4",
"product_id": "9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
},
"product_reference": "oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x",
"relates_to_product_reference": "9Base-OADP-1.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-28T15:50:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0771"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-28T15:50:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0771"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
],
"known_not_affected": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-01-28T15:50:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:0771"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:434e9437aa77e4446fda71d3cbfaa2b5fd65e5f4a4dd81d200c1f7e3ff4a7783_arm64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:446ccce4d7e6bf9746bf3d2227b63f43641dafc2283c2778ab24934357f6f260_s390x",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:8a46a94131498c2a46883528b2649e21aabbaa656f28f94d2849511208765ac5_amd64",
"9Base-OADP-1.4:oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:f97bad0f9da6a369d85ef5f47c20a6e543426031229957495ed8223ed5e1feaa_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:0292bec8929b93cedd56e9b1a3889ca631bd094eb76619ce07c0fa784c149457_arm64",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:551271874902237ac31f43fc0f52d5e30a58ed7b4380f6880f72c112424a322d_s390x",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:981d1c332435a7d37d9a5471b70e60ed7255fa2e7f376137aa37464fabd827db_ppc64le",
"9Base-OADP-1.4:oadp/oadp-mustgather-rhel9@sha256:e6dfdd774aa508d1cae598fbde44944239fb3f27dfc6f696d6b9ed7c55168f70_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:06eecb7e0b06d3619c90ae929bea860214658ea7a67b8ced548902a15961e5d4_amd64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:529880c06d04df8943146b6054733098d6f49049f71c65cb8bb5b90481dc8ec7_arm64",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:949a00c7960288625b09bcc33f4458d94a654e9c1d8ff62261376e73e8932843_s390x",
"9Base-OADP-1.4:oadp/oadp-operator-bundle@sha256:a6ed4b2bb16917f4c170d7f9f37caa40025b2adf26b7b32e3eb29e7c753ad6ab_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:1cd7a7e2c6c74c405cf08a442257e406ecb14ad54eec3c435de2b57a9493c196_s390x",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:42f26f43662ad9b36be9d0a71410f5132e13bcbd633b854f0025144b7668a8d0_arm64",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:b3e233bf2bcb9c935b916c3a41f1fde7b4f1548f857c708156686432b2b9c543_ppc64le",
"9Base-OADP-1.4:oadp/oadp-rhel9-operator@sha256:d892e4081236357a3d77722eee8183dde22d67549ba2abddb8ed1ffebaaa27b1_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:40ec162b7ef042ca15e71458e8131d62bb0738d33601e9e7ed615a9b0a09eccf_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:6de95d50fbdf7d0b2ecb26a418a7d86ab9945693e1b24740573c05cf2f0da6b2_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:7c858242c476b0400c38f7ef8a660c4c6961728268a0a0efb873533a80ad3b50_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-aws-rhel9@sha256:98c4abc2b0d3c4c60ca868c88c93b2ee5e8da275a273cd9b2e353d02a15f2128_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:29800c0bfb92819df712408119d059a2700256b70237c19743b3541c7e38ce99_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:623bd5b25e7d0d57cd4bca080fc87aa6f4c1491064f05b34463cdd42be4e44e7_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8f3ec7dc587441eab6fbe90972c48655a9e184906092a6eaaec47724b4549bf2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:d8b03f7ed7c2a36ebcbb04e30d71c9c11180e5103dba60211122f8f606256185_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:16fc462b1947610c47536a9b8abb57b2cd1277867690cfb195d874858ed72463_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:48437e2a84201ddca777297db29a6e2ef9cb39ced750b1abbaa3180cc02ba04b_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:b08bd4365b5ee4f24ee1d192f73d4d1a70440d10adf59a10bfc4214fbeebfe9d_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f5f651df2afeb3bd590cd606713f160ef27ab1a8999bc2871bb9e9e9db01ca71_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:1e5da2e733d5b9bf9a9407821721f9e99190f95e22e1f4fff3f11b6ab0a0f29a_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62730230ae5edb7584ba66e3ac1c9745cb5b890c8c740006e69a657725590c4a_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:62b8dd692d5f870e075dbfbdc70cb25804e4bfb4679caf80f75b9103d3b09fe5_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:b87494f2b4d011b9ce88114cb29c9169995784b68ca00b3db30f865dde3e38b8_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:06a18ba00f334dad26685a2d36eb6fd5cb31ab91ab9ca040821c220a735c64ce_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:567a2dafe906090b5e6d6b0ae69419cf5826ab2ebefd3d4253bac42ebc940655_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:a19dfd7d025ea46540213c42383d28ad90a2fb87e478293bdf4bd06c2631c2be_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-plugin-rhel9@sha256:cc607efeb62eb4aae47dde0f4306c5105680f9807c8811e94aebc263245ff527_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:2ec06aa6fef877f580ae4be39a56a2da94cd12e1b0eb615e3cbb7056682cbc19_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:77c004f3326e7ca629ab4d5de51c36e4fe909c6dede867b69b90011ea5bcb01c_s390x",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:ca1974cb6ecdef6a255f622eeb5f6d70011ca4b8c8555b783cd999ad15e638c0_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-restic-restore-helper-rhel9@sha256:cbf501256a8f4252cc830f259722094c0a81ed2806507b2e92d0442e0c502f4b_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:16152f1958c39b2f7796f381acb27927096f33ac1a7202219d4da019b188c9ef_ppc64le",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:3cffca082b5d2451108921b226fd9b938bed64d1879b1e9a0af18896193666a9_amd64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:56b114ae63e69d2bfe6d3256778e5f12a525f7f0d8875df1f4df64295fd704f2_arm64",
"9Base-OADP-1.4:oadp/oadp-velero-rhel9@sha256:bbf803f5600ea64977e2dc7b790c18be8bb6012383a8a6051eb4d4bc51927092_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
}
]
}
RHSA-2025:1190
Vulnerability from csaf_redhat - Published: 2025-02-10 01:06 - Updated: 2026-07-01 14:00A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for etcd is now available for Red Hat OpenStack Platform 17.1\n(Wallaby).\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "A highly-available key value store for shared configuration\n\nSecurity Fix(es):\n\n* golang: Calling Decoder.Decode on a message which contains deeply nested\nstructures can cause a panic due to stack exhaustion (CVE-2024-34156)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:1190",
"url": "https://access.redhat.com/errata/RHSA-2025:1190"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_1190.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update",
"tracking": {
"current_release_date": "2026-07-01T14:00:08+00:00",
"generator": {
"date": "2026-07-01T14:00:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2025:1190",
"initial_release_date": "2025-02-10T01:06:42+00:00",
"revision_history": [
{
"date": "2025-02-10T01:06:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-02-10T01:06:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T14:00:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 17.1",
"product": {
"name": "Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:17.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.4.26-9.1.el9ost.src",
"product": {
"name": "etcd-0:3.4.26-9.1.el9ost.src",
"product_id": "etcd-0:3.4.26-9.1.el9ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.4.26-9.1.el9ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.4.26-9.1.el9ost.x86_64",
"product": {
"name": "etcd-0:3.4.26-9.1.el9ost.x86_64",
"product_id": "etcd-0:3.4.26-9.1.el9ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.4.26-9.1.el9ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64",
"product": {
"name": "etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64",
"product_id": "etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.4.26-9.1.el9ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"product": {
"name": "etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"product_id": "etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.4.26-9.1.el9ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.4.26-9.1.el9ost.src as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.src"
},
"product_reference": "etcd-0:3.4.26-9.1.el9ost.src",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.4.26-9.1.el9ost.x86_64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.x86_64"
},
"product_reference": "etcd-0:3.4.26-9.1.el9ost.x86_64",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64"
},
"product_reference": "etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64"
},
"product_reference": "etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64",
"relates_to_product_reference": "9Base-RHOS-17.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-02-10T01:06:42+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:1190"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.1.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.1.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
}
]
}
RHSA-2025:22182
Vulnerability from csaf_redhat - Published: 2025-11-26 14:52 - Updated: 2026-07-01 14:46A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64 | — |
Workaround
|
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64 | — |
Authlib’s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed‑language fleets, this enables split‑brain verification and can lead to policy bypass, replay, or privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x | — |
Workaround
|
A denial of service flaw has been discovered in the python Authlib package. Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.10.16 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.10.16",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22182",
"url": "https://access.redhat.com/errata/RHSA-2025:22182"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59420",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61920",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22182.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.10.16",
"tracking": {
"current_release_date": "2026-07-01T14:46:57+00:00",
"generator": {
"date": "2026-07-01T14:46:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2025:22182",
"initial_release_date": "2025-11-26T14:52:57+00:00",
"revision_history": [
{
"date": "2025-11-26T14:52:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-26T14:53:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T14:46:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.10",
"product": {
"name": "Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.10::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ad86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aaa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Ad007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.10.16-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Acb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ac0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Af55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Aa4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.10.16-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Afe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aa97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ab9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.10.16-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Af5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Af5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Afb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.10.16-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Af8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.10.17-1764168428"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"relates_to_product_reference": "Red Hat Quay 3.10"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64 as a component of Red Hat Quay 3.10",
"product_id": "Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64",
"relates_to_product_reference": "Red Hat Quay 3.10"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-26T14:52:57+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22182"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-26T14:52:57+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22182"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-26T14:52:57+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22182"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-59420",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-22T18:01:35.379361+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397460"
}
],
"notes": [
{
"category": "description",
"text": "Authlib\u2019s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 \u201cmust\u2011understand\u201d semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed\u2011language fleets, this enables split\u2011brain verification and can lead to policy bypass, replay, or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib RFC violation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "RHBZ#2397460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df",
"url": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32"
}
],
"release_date": "2025-09-22T17:28:53.869000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-26T14:52:57+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22182"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib RFC violation"
},
{
"cve": "CVE-2025-61920",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-10T20:01:12.833962+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403179"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the python Authlib package. Authlib\u2019s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url\u2011encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "RHBZ#2403179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e",
"url": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9"
}
],
"release_date": "2025-10-10T19:25:07.679000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-26T14:52:57+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22182"
},
{
"category": "workaround",
"details": "Users unable to upgrade may manually enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
"product_ids": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:4d10cbc5518e4e6d5d2a8fc6a15afe3526865df26eaa95e265a3ece624b31e90_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:7541bf72daac1e784b5194b9c564fbc66831c6633aa7dd8eae3a7bd0c358c27e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:9eab1ead869fc65a1d3e0dd482f409f954d68361be09b230aff8d399970790de_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/clair-rhel8@sha256:fb19f8197c0b403cb25287b23e19230d986f0bd45c920672dea1bf532cabe52d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:8b475114a5f77f7c041509a30246769a5f9064510724c8fc99ac29164dc3a0bb_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:892bee6e3214a69b8924f840b69a55ac0c8d66443bf042cfa88c13766bd8dce3_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:aa126c3f4865a2a62cba2734110418c865aa2d32f38147c056732e53fc593715_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b9889747f06f6fe48cd1a79aaf6dcafcf6a9cdd2d2ad986fb10da3f2a51c103b_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:f55014b7e95512e2dcad9ebde4d36a39e136093ed22fc3436e66cf9b34091999_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:086f08c9878414065d1ccd65caaf2609aba4d6aa9656f4a0387134ffda0b231d_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:27cd6dee034e7eaafa86c955d119b86b8454b8721131ba870a534dacae48653e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:69a3b67246d2fe32b1a1a6d726086ebd5a5f37c1ccc3c0e0021562d83caea21a_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a4cb517edd5c5a6bf9766e1fdbd9226ffce969000dc6a8070dba193299f467a9_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:55679b420af4e99bffa2ac83979bfaeb18fa2e88999be01dbb00b5912dad6f57_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:826d18a3ecd4df0c8a8d67844677b394d1f86f365141c08cda8ce0eda78f3132_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:d007cac747d974c476392a703abe053dcee0603dfc0836d180175a1e2180c02b_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-builder-rhel8@sha256:f5e49246468aeaf92745e513e66224698e6a280a76a129ba91f7c41fd0be1225_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:64bad8b3369eeac99384b41984e32c85e8fdee2ae32282ca2d8e4df8b9d36df5_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:74b4b594ffab3b29043c45163245df4f47aa0dea982dcac7474f09a0f6329f24_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:a97741941ab1688bec159eef3918cfceaab47263a1ff0871588cde2a16f39c27_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c0fdf2c449051a44ffbdd7794c4fd6c3d6892ad7d1e30ec9e72c97ae34053127_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:d86d94c67d42f5ca58f0ea102f74499cbbd0abd0f0d4bab039557981c8c18363_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-bundle@sha256:76db6178b69a489a215a5aeb295530fe6dd35210d353103139b4c5a4bfc05565_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:073d670f841132b02663a58c8eca5f6dce09f3233d8d3a6d2d55de2e78374b6c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:2837c7bcbf44311879e67be1642b3e4e3c328da0ff138ae7def975cb169f4e03_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:98918dfb471d2c25a93a31830e308d32ba84057021c4b9312346b3f534ea0ec8_arm64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-operator-rhel8@sha256:9dd90fe106a4c25b245ef65a66d082d3addb28a06606f7a38cb12e7e35b00ce8_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:cb10c70bfb9d8dc3f7bc75506901cd84af0cd11e21883f78d651838eaa83c16c_amd64",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f5047f7dea7825a5d0ad7323f433af0ce17fea83d1d3861372edd682584bb30e_ppc64le",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:f8c677a9fc5a608bc6c1848db7e3ff906ea93cb9cbc92af3d574c3158b2af668_s390x",
"Red Hat Quay 3.10:registry.redhat.io/quay/quay-rhel8@sha256:fe48d48bb338329da213a0a21d2ac706b4b731593f154d554bfd420ad21a2912_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib Denial of Service"
}
]
}
RHSA-2025:22287
Vulnerability from csaf_redhat - Published: 2025-11-27 14:54 - Updated: 2026-07-01 14:46A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64 | — |
Workaround
|
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64 | — |
Workaround
|
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64 | — |
Vendor Fix
fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64 | — |
Authlib’s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed‑language fleets, this enables split‑brain verification and can lead to policy bypass, replay, or privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64 | — |
Workaround
|
A denial of service flaw has been discovered in the python Authlib package. Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.9 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.9",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22287",
"url": "https://access.redhat.com/errata/RHSA-2025:22287"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59420",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61920",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22287.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.9",
"tracking": {
"current_release_date": "2026-07-01T14:46:57+00:00",
"generator": {
"date": "2026-07-01T14:46:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2025:22287",
"initial_release_date": "2025-11-27T14:54:51+00:00",
"revision_history": [
{
"date": "2025-11-27T14:54:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-27T14:54:59+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T14:46:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.9",
"product": {
"name": "Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Ace217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Af4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Aa6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Aad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Aa6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Af0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Aac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Adecf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Ab6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Ac622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.9.0-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9.17-1764254756"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Ac7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.9-1764254756"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64",
"relates_to_product_reference": "Red Hat Quay 3.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-27T14:54:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22287"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-27T14:54:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22287"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-27T14:54:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22287"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-59420",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-22T18:01:35.379361+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397460"
}
],
"notes": [
{
"category": "description",
"text": "Authlib\u2019s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 \u201cmust\u2011understand\u201d semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed\u2011language fleets, this enables split\u2011brain verification and can lead to policy bypass, replay, or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib RFC violation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "RHBZ#2397460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df",
"url": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32"
}
],
"release_date": "2025-09-22T17:28:53.869000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-27T14:54:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22287"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib RFC violation"
},
{
"cve": "CVE-2025-61920",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-10T20:01:12.833962+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403179"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the python Authlib package. Authlib\u2019s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url\u2011encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "RHBZ#2403179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e",
"url": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9"
}
],
"release_date": "2025-10-10T19:25:07.679000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-27T14:54:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22287"
},
{
"category": "workaround",
"details": "Users unable to upgrade may manually enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:02ced94ebfcce3e21bcc71af6aa1c11db50822c91dd05cec4fb41a34e6669112_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:42a67bb2e5ab681eadc253b413f0bf557d63f282f270e6064f5768fecf6886e5_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:880c746eb5822f68e41ca7b60d97799115c30f39bdc7e458f7a4101e2af36c8c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:ad995b723102f4472e4190257b61582de5c6b058b908bcee7cebe683ae77be75_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:49db4fa7375da6397c45b6c09e10e20f5855348e21812d64474c3adec7f1cbdd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:235d66a1ef93f2ae13266709a30698d444d6e481b8edbdb252d49d9aea4b76ce_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:26a27da8aa0da9a6673907fe35de61cc93932386070dc3d7ad348e8c086b19d7_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:97dd28bc0b588ffc8fd9a171a946580c0572eb6fb34c85d5e1b799a12cf22574_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:b6179970b9060f74475ccd25cbb8f8a098ed5e71afb444058156e91e8a51d5a9_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:60638663af472a24a79cc4a6ec7d4d78a3d10b0e09eec80f6da6855277ff139b_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:8ca3e5903314362c191c6acd1d3865436d85daf50e284760da21e28f473a8ee5_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:9a8d1b2e4b0497f96cbbdfa90d96239da9da8329917adca696ea6f0e20d2c2c0_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:c622550fb4630be48a1a6e1a8f9337718e4f934b5e5cd23bcc4300beb03eeeae_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:76dd5f7b326afb6c72515daed8e65331f98cb7ad514612c06c85f14de6b525e4_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:7cfa21df6e22c2157d2eb65b5e226863a121c8e661a1869b585ca0656fb6013a_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:9b69aadfde5c4cbde98f496c54ce396d1daa5277b8f59577f22855345604442e_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:decf4b7e1917a2c551ea095c9798a65237879369e9f736a44b885e2589e5c05b_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:878b011b86512d01021feb10cdd54608a3ab68d2f3db5a1d53ce8feaa9e56878_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:54003d9396862c6e3b675455ac8c0159662a6640bb889ffb34516d2d091275de_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:5f2ba97f71eefadd2a84b031e536619dcf1a0b76ae9225592c05b99ec87ca9dc_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8458e32483b897e156a5688ec6d96af2ff897e8c14dafb396c945f7c76b4c368_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:ac042b538a7498bf3020c20234966fdbc9b6817aae343985f3bf8ba9fcfdb6d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:ce217da657cabd3cf9beaff3a3b096309738c33932f2ad33d46b03870598f0c4_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:278facca3eaf0c2091ad8575e85ac03aef6e8a52227511e7ee5f62bc2842dac8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:71a6e23a69d7c4723a2653f630c8b02057545c1be65e5f4401490f0364f0d43c_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:a6e6c1f865e6c3e237c36bbb58b3c0e533171303e21cbe4d829d05b497fcd5c7_arm64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:f4ab11e6a09b983a4af87723877338a79b45c36b3848b0e8032963a330d98467_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:628dd4acfe11aef376cc6d75dc7c337c1e487113c2e78e003a3377472b22f488_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:a6813e5bf29916abf84b2d120a30cda07edf06f735c860ee4d0510ed0c59633b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:c7c6fe7ff2592c0fdf51d6e3b0ce657dffcd131c60c00ce680acd89c5c286cee_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:f0814d33be7a101b6326fb8a536efc0fe66df764d1efa8ddda021e90e61afda9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib Denial of Service"
}
]
}
RHSA-2025:23028
Vulnerability from csaf_redhat - Published: 2025-12-10 10:20 - Updated: 2026-07-01 14:00A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64 | — |
Workaround
|
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64 | — |
Workaround
|
Authlib’s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 “must‑understand” semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed‑language fleets, this enables split‑brain verification and can lead to policy bypass, replay, or privilege escalation.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64 | — |
Workaround
|
A denial of service flaw has been discovered in the python Authlib package. Authlib’s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url‑encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64 | — |
Vendor Fix
fix
Workaround
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64 | — |
Workaround
|
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.12 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.12",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23028",
"url": "https://access.redhat.com/errata/RHSA-2025:23028"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59420",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61920",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23028.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.12",
"tracking": {
"current_release_date": "2026-07-01T14:00:08+00:00",
"generator": {
"date": "2026-07-01T14:00:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2025:23028",
"initial_release_date": "2025-12-10T10:20:44+00:00",
"revision_history": [
{
"date": "2025-12-10T10:20:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-10T10:20:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-07-01T14:00:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.12",
"product": {
"name": "Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Aad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ac5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.12.0-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Af960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3Aa40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12-1765361593"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ab2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.12.0-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Ab2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12-1765361593"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Abd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.12.0-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12-1765361593"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3Acdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3Aa71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.14-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=8.10-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=v3.12.0-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12.13-1765361593"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=3.12-1765361593"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"relates_to_product_reference": "Red Hat Quay 3.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64 as a component of Red Hat Quay 3.12",
"product_id": "Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64",
"relates_to_product_reference": "Red Hat Quay 3.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T10:20:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23028"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T10:20:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23028"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
},
{
"cve": "CVE-2025-59420",
"cwe": {
"id": "CWE-440",
"name": "Expected Behavior Violation"
},
"discovery_date": "2025-09-22T18:01:35.379361+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2397460"
}
],
"notes": [
{
"category": "description",
"text": "Authlib\u2019s JWS verification accepts tokens that declare unknown critical header parameters (crit), violating RFC 7515 \u201cmust\u2011understand\u201d semantics. An attacker can craft a signed token with a critical header (for example, bork or cnf) that strict verifiers reject but Authlib accepts. In mixed\u2011language fleets, this enables split\u2011brain verification and can lead to policy bypass, replay, or privilege escalation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib RFC violation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59420"
},
{
"category": "external",
"summary": "RHBZ#2397460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59420",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59420"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59420"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df",
"url": "https://github.com/authlib/authlib/commit/6b1813e4392eb7c168c276099ff7783b176479df"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32"
}
],
"release_date": "2025-09-22T17:28:53.869000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T10:20:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23028"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib RFC violation"
},
{
"cve": "CVE-2025-61920",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-10T20:01:12.833962+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403179"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in the python Authlib package. Authlib\u2019s JOSE implementation accepts unbounded JWS/JWT header and signature segments. A remote attacker can craft a token whose base64url\u2011encoded header or signature spans hundreds of megabytes. During verification, Authlib decodes and parses the full input before it is rejected, driving CPU and memory consumption to hostile levels and enabling denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "authlib: Authlib Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61920"
},
{
"category": "external",
"summary": "RHBZ#2403179",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403179"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61920",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61920"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61920"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e",
"url": "https://github.com/authlib/authlib/commit/867e3f87b072347a1ae9cf6983cc8bbf88447e5e"
},
{
"category": "external",
"summary": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9",
"url": "https://github.com/authlib/authlib/security/advisories/GHSA-pq5p-34cr-23v9"
}
],
"release_date": "2025-10-10T19:25:07.679000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-10T10:20:44+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23028"
},
{
"category": "workaround",
"details": "Users unable to upgrade may manually enforce input size limits before handing tokens to Authlib and/or use application-level throttling to reduce amplification risk.",
"product_ids": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:11091b652f65868606c3d4d3e30a04cea7396f06f119bcd0a4cf664db2aa790e_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:212ceac279067567409c47acf7792e0c4d1955395f045e3b717040321dc1b88f_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:451da4b858587adcef52b5f1c9b7c92985bd7cc7c90f651b9e38825b81b38fb0_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/clair-rhel8@sha256:c5cb9d3d0f970ad36005f2d376547e967e4a89574cca1cf8806bb92d05199d70_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:0a978bbe91e0e0b8bab6862522f8a0aa8e974b778cc36b83f0781081621c8e23_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8b3684c92affc7acadcd5dc8eb80e5727081c7ecf4cc6eeafe5ecc5ea60970bb_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:8d474498354d438fc9deeceb3bc89649f35d4e382e930ee721059bfeaf0f8279_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:ad2119941c2e8db1691a9bfee085425c7203ab00c2cdf0a6441b1102109cfd21_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:cdf96fe7a1ad4c192b4313e804d40d5c656c3f0ced498bae2427e449f0b2df02_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:0c7a94928e8ef89aebdd9b30a47aaf0fe4dfb3a716603362b5c7d52255c4e842_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:1f769259f2b91d47f4d4fbf92414903a62380a358737e7100a1166ccd8c89b85_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:a71b5493009863c4f1e9ae9393ff236dc262d84ee028482ee58840fbfe392c83_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:bd796d2de4d02f63adc767aa22b9a388b3adea40c12b0d8f158ebffabed6fee9_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:00eb13b3cccf326292589a680a964160c58f83391d0036c4ebcb34fad32b6189_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:0ca5a583ca7ff0161ed35deeae94be78adc74100d0343b778f1edf5b77e90925_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:3facbc804376b505181c2f52f0c7a433111bcedcb5699a0fcdffd7e9a2bdfbbe_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-builder-rhel8@sha256:7a338bb18181535a2644bf70cae05042e1ef2af5a80e70a6cab6516e8f054896_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:53c387293b92691eb66ea73b1d29781cf275f01b4254c38e21620c0502987272_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:1b0a31b5f6d1e1493974efb8c7ca5112e6e4d8f0b8e1de8e55b7b8c1184b2293_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:33d0912dbad0b1702fd91abf87e38910d2b983334062044c292a0cb1714187a0_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:7814f04947e8e98d3c4870894e320b12c557976495bdf28a89b55bf061bacf79_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:b2a263d3cbf303d0dffb2c36ee2a4187c29902ce96ca1ded6f33b2edcc68fda9_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-bundle@sha256:1c915a6f813564b9bf8062ea5c6a83097a8dd78a38fda0171fae9cc8d81299c7_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:37039569fe73c3975468ffb8640c42becdd9b5304fb5e54789bf59dc67c52c9b_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:4e2ef7cca978574e1715c24b9874c7a0a1a46a6319884a91fe54df06efe97df1_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:b2e2d245c7ba3d1528e73b59bad428f023eeb17a1983d61edcf6a22db58911cf_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-operator-rhel8@sha256:f960e1816f8babb590a55ccab9f2db1b567df749e73c70067269d32f6200bca6_amd64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:30152d31da209c034ec39b52a32063437097eec9a4fac2eaf4a4110fea97cb70_arm64",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:38f094f62eed92d88eae0e7a9be410ef908bd0194b30240d49087ae76250e0ee_ppc64le",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:4d0a86e557e93eb8e7d70d538f181c2d33176b3537fb8d9e3a1e76a16ee2eed5_s390x",
"Red Hat Quay 3.12:registry.redhat.io/quay/quay-rhel8@sha256:a40309477f7286b6c00381012eec8d3ececb557a4b8db38e5b4ea7f321a17c79_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "authlib: Authlib Denial of Service"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.