Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-39338 (GCVE-0-2024-39338)
Vulnerability from cvelistv5 – Published: 2024-08-09 00:00 – Updated: 2024-08-15 19:26
VLAI
EPSS
Summary
axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.
Severity
4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-918 - Server-Side Request Forgery (SSRF)
Assigner
References
2 references
Impacted products
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*"
],
"defaultStatus": "unknown",
"product": "axios",
"vendor": "axios",
"versions": [
{
"status": "affected",
"version": "1.7.2"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-39338",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T19:24:57.844261Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-918",
"description": "CWE-918 Server-Side Request Forgery (SSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-15T19:26:34.904Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-09T15:00:16.583Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/axios/axios/releases"
},
{
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-39338",
"datePublished": "2024-08-09T00:00:00.000Z",
"dateReserved": "2024-06-23T00:00:00.000Z",
"dateUpdated": "2024-08-15T19:26:34.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-39338",
"date": "2026-06-03",
"epss": "0.02199",
"percentile": "0.84718"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*\", \"versionStartIncluding\": \"1.3.2\", \"versionEndExcluding\": \"1.7.4\", \"matchCriteriaId\": \"0E33FE39-26A6-43B8-ACBC-A4F78BAC7A1B\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.\"}, {\"lang\": \"es\", \"value\": \"axios 1.7.2 permite SSRF a trav\\u00e9s de un comportamiento inesperado donde las solicitudes de URL relativas a la ruta se procesan como URL relativas al protocolo.\"}]",
"id": "CVE-2024-39338",
"lastModified": "2024-08-23T18:35:36.313",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N\", \"baseScore\": 4.0, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 1.4}]}",
"published": "2024-08-12T13:38:24.487",
"references": "[{\"url\": \"https://github.com/axios/axios/releases\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\"]}, {\"url\": \"https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-918\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-918\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-39338\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-08-12T13:38:24.487\",\"lastModified\":\"2024-08-23T18:35:36.313\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.\"},{\"lang\":\"es\",\"value\":\"axios 1.7.2 permite SSRF a trav\u00e9s de un comportamiento inesperado donde las solicitudes de URL relativas a la ruta se procesan como URL relativas al protocolo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N\",\"baseScore\":4.0,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-918\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*\",\"versionStartIncluding\":\"1.3.2\",\"versionEndExcluding\":\"1.7.4\",\"matchCriteriaId\":\"0E33FE39-26A6-43B8-ACBC-A4F78BAC7A1B\"}]}]}],\"references\":[{\"url\":\"https://github.com/axios/axios/releases\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 4, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"LOW\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-39338\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-15T19:24:57.844261Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:axios:axios:*:*:*:*:*:node.js:*:*\"], \"vendor\": \"axios\", \"product\": \"axios\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.7.2\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-918\", \"description\": \"CWE-918 Server-Side Request Forgery (SSRF)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-12T20:17:16.043Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/axios/axios/releases\"}, {\"url\": \"https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-08-09T15:00:16.583997\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-39338\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-15T19:26:34.904Z\", \"dateReserved\": \"2024-06-23T00:00:00\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-08-09T00:00:00\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
NCSC-2025-0123
Vulnerability from csaf_ncscnl - Published: 2025-04-16 08:37 - Updated: 2025-04-16 08:37Summary
Kwetsbaarheden verholpen in Oracle Database Producten
Notes
The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:
NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.
NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.
This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings.
Feiten: Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.
Interpretaties: De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores variërend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.
Oplossingen: Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.
Kans: medium
Schade: high
CWE-385: Covert Timing Channel
CWE-347: Improper Verification of Cryptographic Signature
CWE-1286: Improper Validation of Syntactic Correctness of Input
CWE-125: Out-of-bounds Read
CWE-404: Improper Resource Shutdown or Release
CWE-400: Uncontrolled Resource Consumption
CWE-502: Deserialization of Untrusted Data
CWE-918: Server-Side Request Forgery (SSRF)
CWE-787: Out-of-bounds Write
CWE-20: Improper Input Validation
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-44: Path Equivalence: 'file.name' (Internal Dot)
CWE-226: Sensitive Information in Resource Not Removed Before Reuse
CWE-706: Use of Incorrectly-Resolved Name or Reference
CWE-669: Incorrect Resource Transfer Between Spheres
CWE-755: Improper Handling of Exceptional Conditions
CWE-178: Improper Handling of Case Sensitivity
CWE-193: Off-by-one Error
CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
CWE-523: Unprotected Transport of Credentials
CWE-190: Integer Overflow or Wraparound
CWE-614: Sensitive Cookie in HTTPS Session Without 'Secure' Attribute
CWE-285: Improper Authorization
CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-284: Improper Access Control
CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CWE-476: NULL Pointer Dereference
CWE-459: Incomplete Cleanup
CWE-94: Improper Control of Generation of Code ('Code Injection')
CWE-770: Allocation of Resources Without Limits or Throttling
CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CWE-674: Uncontrolled Recursion
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CWE-122: Heap-based Buffer Overflow
CWE-121: Stack-based Buffer Overflow
CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE-269: Improper Privilege Management
CWE-287: Improper Authentication
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
9.8 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
CWE-400
- Uncontrolled Resource Consumption
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
CWE-400
- Uncontrolled Resource Consumption
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
4.3 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
6.5 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
CWE-20
- Improper Input Validation
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
9.8 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
8.6 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
CWE-1286
- Improper Validation of Syntactic Correctness of Input
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
6.5 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
CWE-787
- Out-of-bounds Write
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
9.1 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
8.2 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.2 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
9.8 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
5.9 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
8.6 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
4.4 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
8.1 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
9.8 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
10.0 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
8.6 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
9.8 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
4.9 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
6.7 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
9.8 (Critical)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.5 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
4.5 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
5.4 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.3 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
5.3 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
6.5 (Medium)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
7.4 (High)
Affected products
Known affected
59 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
vers:unknown/22.1
Oracle / Oracle / Database Server
|
vers:unknown/22.1 | ||
|
vers:unknown/13.5.0.0
Oracle / Oracle / Enterprise Manager for Oracle Database
|
vers:unknown/13.5.0.0 | ||
|
vers:oracle/>=19.3|<=19.22
Oracle / Oracle Database Server
|
vers:oracle/>=19.3|<=19.22 | ||
|
vers:oracle/>=19.3|<=19.26
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*
|
vers:oracle/>=19.3|<=19.26 | |
|
vers:oracle/>=21.3|<=21.13
Oracle / Oracle Database Server
|
vers:oracle/>=21.3|<=21.13 | ||
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=21.4|<=21.16
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*
|
vers:oracle/>=21.4|<=21.16 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle Database Server / Oracle Database Server
|
cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/13.5.0.0
Oracle / Oracle Enterprise Manager for Oracle Database
|
vers:oracle/13.5.0.0 | ||
|
vers:oracle/1.5.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*
|
vers:oracle/1.5.0 | |
|
vers:oracle/1.6.0
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*
|
vers:oracle/1.6.0 | |
|
vers:oracle/1.6.1
Oracle / Oracle NoSQL Database / Oracle NoSQL Database
|
cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*
|
vers:oracle/1.6.1 | |
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0
Oracle / Oracle TimesTen In-Memory Database / Oracle TimesTen In-Memory Database
|
cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*
|
vers:oracle/>=22.1.1.1.0|<=22.1.1.30.0 | |
|
vers:semver/19.3|<=19.26
Oracle Corporation / Oracle Database Server
|
vers:semver/19.3|<=19.26 | ||
|
vers:semver/21.3|<=21.17
Oracle Corporation / Oracle Database Server
|
vers:semver/21.3|<=21.17 | ||
|
vers:semver/23.4|<=23.7
Oracle Corporation / Oracle Database Server
|
vers:semver/23.4|<=23.7 | ||
|
vers:oracle/25.1.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*
|
vers:oracle/25.1.0 | |
|
vers:oracle/25.2.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*
|
vers:oracle/25.2.0 | |
|
vers:oracle/>=23.8.0|<=23.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=23.8.0|<=23.11.0 | |
|
vers:oracle/>=24.1.0|<=24.11.0
Oracle / Oracle Autonomous Health Framework / Autonomous Health Framework
|
cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*
|
vers:oracle/>=24.1.0|<=24.11.0 | |
|
vers:oracle/21.7.1.0.0
Oracle / Oracle Essbase / Oracle Essbase
|
cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/21.7.1.0.0 | |
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle / GoldenGate
|
vers:unknown/>=19.1.0.0.0|<=19.26.0.0.250219 | ||
|
vers:unknown/>=21.3|<=21.17
Oracle / Oracle / GoldenGate
|
vers:unknown/>=21.3|<=21.17 | ||
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10
Oracle / Oracle GoldenGate / GoldenGate Stream Analytics
|
cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.10 | |
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.26.0.0.250219 | |
|
vers:oracle/>=21.3|<=21.17
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*
|
vers:oracle/>=21.3|<=21.17 | |
|
vers:oracle/>=23.4|<=23.7
Oracle / Oracle GoldenGate / Oracle GoldenGate
|
cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.7 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.18 | |
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*
|
vers:oracle/>=21.3.0.0.0|<=21.16.0.0.0 | |
|
vers:oracle/>=23.4|<=23.6
Oracle / Oracle GoldenGate / Oracle GoldenGate Big Data and Application Adapters
|
cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*
|
vers:oracle/>=23.4|<=23.6 | |
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7
Oracle / Oracle GoldenGate Stream Analytics
|
vers:oracle/>=19.1.0.0.0|<=19.1.0.0.7 | ||
|
vers:oracle/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:oracle/23.1 | ||
|
vers:oracle/<23.1
Oracle / Big Data Spatial and Graph
|
vers:oracle/<23.1 | ||
|
vers:unknown/2.0
Oracle / Big Data Spatial and Graph
|
cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*
|
vers:unknown/2.0 | |
|
vers:unknown/2.0
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/2.0 | ||
|
vers:unknown/20.2
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/20.2 | ||
|
vers:unknown/23.1
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/23.1
Oracle / Big Data Spatial and Graph
|
vers:unknown/23.1 | ||
|
vers:unknown/none
Oracle / Oracle / Big Data Spatial and Graph
|
vers:unknown/none | ||
|
vers:oracle/23.4.3
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*
|
vers:oracle/23.4.3 | |
|
vers:oracle/24.3.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*
|
vers:oracle/24.3.0 | |
|
vers:oracle/23.4.4
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*
|
vers:oracle/23.4.4 | |
|
vers:oracle/24.4.0
Oracle / Oracle Graph Server and Client / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*
|
vers:oracle/24.4.0 | |
|
vers:oracle/<=22.4.7
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=22.4.7 | |
|
vers:oracle/<=23.4.2
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=23.4.2 | |
|
vers:oracle/<=24.1.0
Oracle / Graph Server and Client
|
cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*
|
vers:oracle/<=24.1.0 | |
|
vers:oracle/3.0.6
Oracle / Oracle Big Data Spatial and Graph
|
cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*
|
vers:oracle/3.0.6 | |
|
vers:oracle/12.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.1 | |
|
vers:oracle/12.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.2 | |
|
vers:oracle/12.1.0.3
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*
|
vers:oracle/12.1.0.3 | |
|
vers:oracle/18.1.0.0
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.0 | |
|
vers:oracle/18.1.0.1
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.1 | |
|
vers:oracle/18.1.0.2
Oracle / Oracle Secure Backup / Oracle Secure Backup
|
cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*
|
vers:oracle/18.1.0.2 | |
|
vers:semver/12.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.1 | ||
|
vers:semver/12.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.2 | ||
|
vers:semver/12.1.0.3
Oracle Corporation / Oracle Secure Backup
|
vers:semver/12.1.0.3 | ||
|
vers:semver/18.1.0.0
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.0 | ||
|
vers:semver/18.1.0.1
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.1 | ||
|
vers:semver/18.1.0.2
Oracle Corporation / Oracle Secure Backup
|
vers:semver/18.1.0.2 |
References
58 references
{
"document": {
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE"
}
},
"lang": "nl",
"notes": [
{
"category": "legal_disclaimer",
"text": "The Netherlands Cyber Security Center (henceforth: NCSC-NL) maintains this page to enhance access to its information and security advisories. The use of this security advisory is subject to the following terms and conditions:\n\n NCSC-NL makes every reasonable effort to ensure that the content of this page is kept up to date, and that it is accurate and complete. Nevertheless, NCSC-NL cannot entirely rule out the possibility of errors, and therefore cannot give any warranty in respect of its completeness, accuracy or continuous keeping up-to-date. The information contained in this security advisory is intended solely for the purpose of providing general information to professional users. No rights can be derived from the information provided therein.\n\n NCSC-NL and the Kingdom of the Netherlands assume no legal liability or responsibility for any damage resulting from either the use or inability of use of this security advisory. This includes damage resulting from the inaccuracy of incompleteness of the information contained in the advisory.\n This security advisory is subject to Dutch law. All disputes related to or arising from the use of this advisory will be submitted to the competent court in The Hague. This choice of means also applies to the court in summary proceedings."
},
{
"category": "description",
"text": "Oracle heeft kwetsbaarheden verholpen in diverse Oracle Database Producten en subsystemen, zoals Oracle Server, NoSQL, TimesTen, Secure Backup en Essbase.",
"title": "Feiten"
},
{
"category": "description",
"text": "De kwetsbaarheden stellen ongeauthenticeerde kwaadwillenden in staat om een Denial-of-Service te veroorzaken of om ongeautoriseerde toegang te verkrijgen tot gevoelige gegevens en gegevens te manipuleren. Subcomponenten als de RDBMS Listener, Java VM, en andere componenten zijn specifiek kwetsbaar, met CVSS-scores vari\u00ebrend van 5.3 tot 7.5, wat duidt op een gematigd tot hoog risico.",
"title": "Interpretaties"
},
{
"category": "description",
"text": "Oracle heeft updates uitgebracht om de kwetsbaarheden te verhelpen. Zie bijgevoegde referenties voor meer informatie.",
"title": "Oplossingen"
},
{
"category": "general",
"text": "medium",
"title": "Kans"
},
{
"category": "general",
"text": "high",
"title": "Schade"
},
{
"category": "general",
"text": "Covert Timing Channel",
"title": "CWE-385"
},
{
"category": "general",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
},
{
"category": "general",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "general",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
},
{
"category": "general",
"text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
"title": "CWE-44"
},
{
"category": "general",
"text": "Sensitive Information in Resource Not Removed Before Reuse",
"title": "CWE-226"
},
{
"category": "general",
"text": "Use of Incorrectly-Resolved Name or Reference",
"title": "CWE-706"
},
{
"category": "general",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
},
{
"category": "general",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
},
{
"category": "general",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "Off-by-one Error",
"title": "CWE-193"
},
{
"category": "general",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
},
{
"category": "general",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "general",
"text": "Unprotected Transport of Credentials",
"title": "CWE-523"
},
{
"category": "general",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
},
{
"category": "general",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "general",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
},
{
"category": "general",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "general",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "general",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "general",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
},
{
"category": "general",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "general",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "general",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "general",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "general",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "general",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"publisher": {
"category": "coordinator",
"contact_details": "cert@ncsc.nl",
"name": "Nationaal Cyber Security Centrum",
"namespace": "https://www.ncsc.nl/"
},
"references": [
{
"category": "external",
"summary": "Reference - cveprojectv5; nvd; oracle",
"url": "https://www.oracle.com/security-alerts/cpuapr2025.html"
}
],
"title": "Kwetsbaarheden verholpen in Oracle Database Producten",
"tracking": {
"current_release_date": "2025-04-16T08:37:39.412900Z",
"generator": {
"date": "2025-02-25T15:15:00Z",
"engine": {
"name": "V.A.",
"version": "1.0"
}
},
"id": "NCSC-2025-0123",
"initial_release_date": "2025-04-16T08:37:39.412900Z",
"revision_history": [
{
"date": "2025-04-16T08:37:39.412900Z",
"number": "1.0.0",
"summary": "Initiele versie"
}
],
"status": "final",
"version": "1.0.0"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/22.1",
"product": {
"name": "vers:unknown/22.1",
"product_id": "CSAFPID-1304603"
}
}
],
"category": "product_name",
"name": "Database Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/13.5.0.0",
"product": {
"name": "vers:unknown/13.5.0.0",
"product_id": "CSAFPID-1201359"
}
}
],
"category": "product_name",
"name": "Enterprise Manager for Oracle Database"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product": {
"name": "vers:unknown/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product_id": "CSAFPID-2698376"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/\u003e=21.3|\u003c=21.17",
"product": {
"name": "vers:unknown/\u003e=21.3|\u003c=21.17",
"product_id": "CSAFPID-2698377"
}
}
],
"category": "product_name",
"name": "GoldenGate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.1",
"product": {
"name": "vers:oracle/23.1",
"product_id": "CSAFPID-1238473"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/2.0",
"product": {
"name": "vers:unknown/2.0",
"product_id": "CSAFPID-1237753"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/20.2",
"product": {
"name": "vers:unknown/20.2",
"product_id": "CSAFPID-1238475"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/23.1",
"product": {
"name": "vers:unknown/23.1",
"product_id": "CSAFPID-1296375"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/none",
"product": {
"name": "vers:unknown/none",
"product_id": "CSAFPID-1237603"
}
}
],
"category": "product_name",
"name": "Big Data Spatial and Graph"
}
],
"category": "product_family",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.3|\u003c=19.22",
"product": {
"name": "vers:oracle/\u003e=19.3|\u003c=19.22",
"product_id": "CSAFPID-1145825"
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3|\u003c=21.13",
"product": {
"name": "vers:oracle/\u003e=21.3|\u003c=21.13",
"product_id": "CSAFPID-1145826"
}
}
],
"category": "product_name",
"name": "Oracle Database Server"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.3|\u003c=19.26",
"product": {
"name": "vers:oracle/\u003e=19.3|\u003c=19.26",
"product_id": "CSAFPID-2698969",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:19.3-19.26:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product": {
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product_id": "CSAFPID-2698968",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:21.3-21.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.4|\u003c=21.16",
"product": {
"name": "vers:oracle/\u003e=21.4|\u003c=21.16",
"product_id": "CSAFPID-1839905",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_workload_manager:21.4-21.16:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product": {
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product_id": "CSAFPID-2698934",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:database_-_java_vm:23.4-23.7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Database Server"
}
],
"category": "product_family",
"name": "Oracle Database Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/13.5.0.0",
"product": {
"name": "vers:oracle/13.5.0.0",
"product_id": "CSAFPID-1144644"
}
}
],
"category": "product_name",
"name": "Oracle Enterprise Manager for Oracle Database"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/1.5.0",
"product": {
"name": "vers:oracle/1.5.0",
"product_id": "CSAFPID-2699002",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.5.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/1.6.0",
"product": {
"name": "vers:oracle/1.6.0",
"product_id": "CSAFPID-2699003",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.6.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/1.6.1",
"product": {
"name": "vers:oracle/1.6.1",
"product_id": "CSAFPID-2699004",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:nosql_database:1.6.1:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle NoSQL Database"
}
],
"category": "product_family",
"name": "Oracle NoSQL Database"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
"product": {
"name": "vers:oracle/\u003e=22.1.1.1.0|\u003c=22.1.1.30.0",
"product_id": "CSAFPID-2699053",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:timesten_in-memory_database:22.1.1.1.0-22.1.1.30.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle TimesTen In-Memory Database"
}
],
"category": "product_family",
"name": "Oracle TimesTen In-Memory Database"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/25.1.0",
"product": {
"name": "vers:oracle/25.1.0",
"product_id": "CSAFPID-2698932",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.1.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/25.2.0",
"product": {
"name": "vers:oracle/25.2.0",
"product_id": "CSAFPID-2698931",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:25.2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
"product": {
"name": "vers:oracle/\u003e=23.8.0|\u003c=23.11.0",
"product_id": "CSAFPID-2698930",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:23.8.0-23.11.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
"product": {
"name": "vers:oracle/\u003e=24.1.0|\u003c=24.11.0",
"product_id": "CSAFPID-2698933",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:autonomous_health_framework:24.1.0-24.11.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Autonomous Health Framework"
}
],
"category": "product_family",
"name": "Oracle Autonomous Health Framework"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/21.7.1.0.0",
"product": {
"name": "vers:oracle/21.7.1.0.0",
"product_id": "CSAFPID-2698943",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:essbase:21.7.1.0.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Essbase"
}
],
"category": "product_family",
"name": "Oracle Essbase"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.10",
"product_id": "CSAFPID-2698949",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_stream_analytics:19.1.0.0.0-19.1.0.0.10:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "GoldenGate Stream Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.26.0.0.250219",
"product_id": "CSAFPID-2698941",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:19.1.0.0.0-19.26.0.0.250219:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product": {
"name": "vers:oracle/\u003e=21.3|\u003c=21.17",
"product_id": "CSAFPID-2698942",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:21.3-21.17:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product": {
"name": "vers:oracle/\u003e=23.4|\u003c=23.7",
"product_id": "CSAFPID-2699022",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate:23.4-23.7:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle GoldenGate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.18",
"product_id": "CSAFPID-1839977",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:19.1.0.0.0-19.1.0.0.18:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
"product": {
"name": "vers:oracle/\u003e=21.3.0.0.0|\u003c=21.16.0.0.0",
"product_id": "CSAFPID-1840034",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:21.3.0.0.0-21.16.0.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=23.4|\u003c=23.6",
"product": {
"name": "vers:oracle/\u003e=23.4|\u003c=23.6",
"product_id": "CSAFPID-1840035",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:goldengate_big_data_and_application_adapters:23.4-23.6:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle GoldenGate Big Data and Application Adapters"
}
],
"category": "product_family",
"name": "Oracle GoldenGate"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
"product": {
"name": "vers:oracle/\u003e=19.1.0.0.0|\u003c=19.1.0.0.7",
"product_id": "CSAFPID-1144602"
}
}
],
"category": "product_name",
"name": "Oracle GoldenGate Stream Analytics"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003c23.1",
"product": {
"name": "vers:oracle/\u003c23.1",
"product_id": "CSAFPID-1145800"
}
},
{
"category": "product_version_range",
"name": "vers:unknown/2.0",
"product": {
"name": "vers:unknown/2.0",
"product_id": "CSAFPID-356315",
"product_identification_helper": {
"cpe": "cpe:2.3:a:ibm:oracle_big_data_spatial_and_graph:2.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:unknown/23.1",
"product": {
"name": "vers:unknown/23.1",
"product_id": "CSAFPID-356152"
}
}
],
"category": "product_name",
"name": "Big Data Spatial and Graph"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/23.4.3",
"product": {
"name": "vers:oracle/23.4.3",
"product_id": "CSAFPID-2699065",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.3.0",
"product": {
"name": "vers:oracle/24.3.0",
"product_id": "CSAFPID-2699066",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.3.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/23.4.4",
"product": {
"name": "vers:oracle/23.4.4",
"product_id": "CSAFPID-1840017",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.4:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/24.4.0",
"product": {
"name": "vers:oracle/24.4.0",
"product_id": "CSAFPID-1840013",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.4.0:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Graph Server and Client"
}
],
"category": "product_family",
"name": "Oracle Graph Server and Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/\u003c=22.4.7",
"product": {
"name": "vers:oracle/\u003c=22.4.7",
"product_id": "CSAFPID-1145419",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:22.4.7_and_prior:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003c=23.4.2",
"product": {
"name": "vers:oracle/\u003c=23.4.2",
"product_id": "CSAFPID-1145421",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:23.4.2_and_prior:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/\u003c=24.1.0",
"product": {
"name": "vers:oracle/\u003c=24.1.0",
"product_id": "CSAFPID-1145422",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:graph_server_and_client:24.1.0_and_prior:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Graph Server and Client"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/3.0.6",
"product": {
"name": "vers:oracle/3.0.6",
"product_id": "CSAFPID-1145420",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:big_data_spatial_and_graph:3.0.6:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Big Data Spatial and Graph"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:oracle/12.1.0.1",
"product": {
"name": "vers:oracle/12.1.0.1",
"product_id": "CSAFPID-2699109",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/12.1.0.2",
"product": {
"name": "vers:oracle/12.1.0.2",
"product_id": "CSAFPID-2699107",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.2:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/12.1.0.3",
"product": {
"name": "vers:oracle/12.1.0.3",
"product_id": "CSAFPID-2699106",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:12.1.0.3:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/18.1.0.0",
"product": {
"name": "vers:oracle/18.1.0.0",
"product_id": "CSAFPID-2699110",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.0:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/18.1.0.1",
"product": {
"name": "vers:oracle/18.1.0.1",
"product_id": "CSAFPID-2698972",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.1:*:*:*:*:*:*:*"
}
}
},
{
"category": "product_version_range",
"name": "vers:oracle/18.1.0.2",
"product": {
"name": "vers:oracle/18.1.0.2",
"product_id": "CSAFPID-2699108",
"product_identification_helper": {
"cpe": "cpe:2.3:a:oracle:secure_backup:18.1.0.2:*:*:*:*:*:*:*"
}
}
}
],
"category": "product_name",
"name": "Oracle Secure Backup"
}
],
"category": "product_family",
"name": "Oracle Secure Backup"
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/19.3|\u003c=19.26",
"product": {
"name": "vers:semver/19.3|\u003c=19.26",
"product_id": "CSAFPID-2698485"
}
},
{
"category": "product_version_range",
"name": "vers:semver/21.3|\u003c=21.17",
"product": {
"name": "vers:semver/21.3|\u003c=21.17",
"product_id": "CSAFPID-2698486"
}
},
{
"category": "product_version_range",
"name": "vers:semver/23.4|\u003c=23.7",
"product": {
"name": "vers:semver/23.4|\u003c=23.7",
"product_id": "CSAFPID-2698487"
}
}
],
"category": "product_name",
"name": "Oracle Database Server"
},
{
"branches": [
{
"category": "product_version_range",
"name": "vers:semver/12.1.0.1",
"product": {
"name": "vers:semver/12.1.0.1",
"product_id": "CSAFPID-2698463"
}
},
{
"category": "product_version_range",
"name": "vers:semver/12.1.0.2",
"product": {
"name": "vers:semver/12.1.0.2",
"product_id": "CSAFPID-2698464"
}
},
{
"category": "product_version_range",
"name": "vers:semver/12.1.0.3",
"product": {
"name": "vers:semver/12.1.0.3",
"product_id": "CSAFPID-2698465"
}
},
{
"category": "product_version_range",
"name": "vers:semver/18.1.0.0",
"product": {
"name": "vers:semver/18.1.0.0",
"product_id": "CSAFPID-2698466"
}
},
{
"category": "product_version_range",
"name": "vers:semver/18.1.0.1",
"product": {
"name": "vers:semver/18.1.0.1",
"product_id": "CSAFPID-2698467"
}
},
{
"category": "product_version_range",
"name": "vers:semver/18.1.0.2",
"product": {
"name": "vers:semver/18.1.0.2",
"product_id": "CSAFPID-2698468"
}
}
],
"category": "product_name",
"name": "Oracle Secure Backup"
}
],
"category": "vendor",
"name": "Oracle Corporation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-1935",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-1935",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1935.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-1935"
},
{
"cve": "CVE-2020-1938",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"notes": [
{
"category": "other",
"text": "Improper Authorization",
"title": "CWE-285"
},
{
"category": "other",
"text": "Improper Privilege Management",
"title": "CWE-269"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-1938",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-1938.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-1938"
},
{
"cve": "CVE-2020-9484",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-9484",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-9484.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-9484"
},
{
"cve": "CVE-2020-11996",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-11996",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-11996.json"
}
],
"title": "CVE-2020-11996"
},
{
"cve": "CVE-2020-13935",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-13935",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13935.json"
}
],
"title": "CVE-2020-13935"
},
{
"cve": "CVE-2020-13943",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-13943",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-13943.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-13943"
},
{
"cve": "CVE-2020-36843",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"notes": [
{
"category": "other",
"text": "Improper Verification of Cryptographic Signature",
"title": "CWE-347"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2020-36843",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2020/CVE-2020-36843.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2020-36843"
},
{
"cve": "CVE-2021-24122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-24122",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-24122.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-24122"
},
{
"cve": "CVE-2021-25122",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-25122",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25122.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-25122"
},
{
"cve": "CVE-2021-25329",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-25329",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-25329.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-25329"
},
{
"cve": "CVE-2021-30640",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "other",
"text": "Improper Authentication",
"title": "CWE-287"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-30640",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-30640.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-30640"
},
{
"cve": "CVE-2021-33037",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-33037",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-33037.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-33037"
},
{
"cve": "CVE-2021-41079",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41079",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41079.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-41079"
},
{
"cve": "CVE-2021-41184",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-41184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-41184.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-41184"
},
{
"cve": "CVE-2021-42575",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-42575",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-42575.json"
}
],
"title": "CVE-2021-42575"
},
{
"cve": "CVE-2021-43980",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "other",
"text": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"title": "CWE-362"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2021-43980",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2021/CVE-2021-43980.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2021-43980"
},
{
"cve": "CVE-2022-3786",
"cwe": {
"id": "CWE-193",
"name": "Off-by-one Error"
},
"notes": [
{
"category": "other",
"text": "Off-by-one Error",
"title": "CWE-193"
},
{
"category": "other",
"text": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"title": "CWE-120"
},
{
"category": "other",
"text": "NULL Pointer Dereference",
"title": "CWE-476"
},
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-3786",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-3786.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2022-3786"
},
{
"cve": "CVE-2022-25762",
"cwe": {
"id": "CWE-226",
"name": "Sensitive Information in Resource Not Removed Before Reuse"
},
"notes": [
{
"category": "other",
"text": "Sensitive Information in Resource Not Removed Before Reuse",
"title": "CWE-226"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Improper Handling of Exceptional Conditions",
"title": "CWE-755"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-25762",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-25762.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2022-25762"
},
{
"cve": "CVE-2022-42252",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2022-42252",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2022/CVE-2022-42252.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2022-42252"
},
{
"cve": "CVE-2023-28708",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
},
{
"category": "other",
"text": "Unprotected Transport of Credentials",
"title": "CWE-523"
},
{
"category": "other",
"text": "Sensitive Cookie in HTTPS Session Without \u0027Secure\u0027 Attribute",
"title": "CWE-614"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-28708",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-28708.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-28708"
},
{
"cve": "CVE-2023-34053",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-34053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-34053.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-34053"
},
{
"cve": "CVE-2023-41080",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"notes": [
{
"category": "other",
"text": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"title": "CWE-601"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-41080",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-41080.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-41080"
},
{
"cve": "CVE-2023-42795",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-42795",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-42795.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-42795"
},
{
"cve": "CVE-2023-44487",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-44487",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-44487.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45648",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-45648",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-45648.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-45648"
},
{
"cve": "CVE-2023-46589",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"notes": [
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2023-46589",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2023/CVE-2023-46589.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2024-6763",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"notes": [
{
"category": "other",
"text": "Improper Validation of Syntactic Correctness of Input",
"title": "CWE-1286"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-6763",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-6763.json"
}
],
"title": "CVE-2024-6763"
},
{
"cve": "CVE-2024-8176",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Stack-based Buffer Overflow",
"title": "CWE-121"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8176",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-8176"
},
{
"cve": "CVE-2024-8184",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "other",
"text": "Allocation of Resources Without Limits or Throttling",
"title": "CWE-770"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-8184",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-8184.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-8184"
},
{
"cve": "CVE-2024-9143",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-9143",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-9143.json"
}
],
"title": "CVE-2024-9143"
},
{
"cve": "CVE-2024-11053",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "other",
"text": "Exposure of Sensitive Information to an Unauthorized Actor",
"title": "CWE-200"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11053",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11053.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11053"
},
{
"cve": "CVE-2024-11233",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"notes": [
{
"category": "other",
"text": "Heap-based Buffer Overflow",
"title": "CWE-122"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11233",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11233.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11233"
},
{
"cve": "CVE-2024-11234",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)",
"title": "CWE-74"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11234",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11234.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11234"
},
{
"cve": "CVE-2024-11236",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
},
{
"category": "other",
"text": "Integer Overflow or Wraparound",
"title": "CWE-190"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-11236",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-11236.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-11236"
},
{
"cve": "CVE-2024-13176",
"cwe": {
"id": "CWE-385",
"name": "Covert Timing Channel"
},
"notes": [
{
"category": "other",
"text": "Covert Timing Channel",
"title": "CWE-385"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-13176",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-13176.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-13176"
},
{
"cve": "CVE-2024-23672",
"cwe": {
"id": "CWE-459",
"name": "Incomplete Cleanup"
},
"notes": [
{
"category": "other",
"text": "Incomplete Cleanup",
"title": "CWE-459"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-23672",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-23672.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-24549",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-24549",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-24549.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-24549"
},
{
"cve": "CVE-2024-36114",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "other",
"text": "Out-of-bounds Read",
"title": "CWE-125"
},
{
"category": "other",
"text": "Out-of-bounds Write",
"title": "CWE-787"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-36114",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-36114.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-36114"
},
{
"cve": "CVE-2024-37891",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"notes": [
{
"category": "other",
"text": "Incorrect Resource Transfer Between Spheres",
"title": "CWE-669"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-37891",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-37891.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-37891"
},
{
"cve": "CVE-2024-38819",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"title": "CWE-22"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38819",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38819.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-38819"
},
{
"cve": "CVE-2024-38820",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "other",
"text": "Improper Access Control",
"title": "CWE-284"
},
{
"category": "other",
"text": "Improper Handling of Case Sensitivity",
"title": "CWE-178"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38820",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38820.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-38820"
},
{
"cve": "CVE-2024-38999",
"cwe": {
"id": "CWE-1321",
"name": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improperly Controlled Modification of Object Prototype Attributes (\u0027Prototype Pollution\u0027)",
"title": "CWE-1321"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-38999",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-38999.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 10.0,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-38999"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"notes": [
{
"category": "other",
"text": "Server-Side Request Forgery (SSRF)",
"title": "CWE-918"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-39338",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-39338.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.6,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-47554",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47554",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47554.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-47561",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-47561",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-47561.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-47561"
},
{
"cve": "CVE-2024-53382",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"title": "CWE-94"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-53382",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-53382.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-53382"
},
{
"cve": "CVE-2024-57699",
"cwe": {
"id": "CWE-404",
"name": "Improper Resource Shutdown or Release"
},
"notes": [
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "other",
"text": "Uncontrolled Recursion",
"title": "CWE-674"
},
{
"category": "general",
"text": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-57699",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2024/CVE-2024-57699.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2024-57699"
},
{
"cve": "CVE-2025-21578",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-21578",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-21578.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-21578"
},
{
"cve": "CVE-2025-24813",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"notes": [
{
"category": "other",
"text": "Deserialization of Untrusted Data",
"title": "CWE-502"
},
{
"category": "other",
"text": "Path Equivalence: \u0027file.name\u0027 (Internal Dot)",
"title": "CWE-44"
},
{
"category": "other",
"text": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"title": "CWE-444"
},
{
"category": "other",
"text": "Use of Incorrectly-Resolved Name or Reference",
"title": "CWE-706"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24813",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24813.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-24813"
},
{
"cve": "CVE-2025-24970",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "other",
"text": "Improper Input Validation",
"title": "CWE-20"
},
{
"category": "other",
"text": "Improper Resource Shutdown or Release",
"title": "CWE-404"
},
{
"category": "general",
"text": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-24970",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-24970.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-24970"
},
{
"cve": "CVE-2025-25193",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "other",
"text": "Uncontrolled Resource Consumption",
"title": "CWE-400"
},
{
"category": "general",
"text": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"title": "CVSSV4"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-25193",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-25193.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-25193"
},
{
"cve": "CVE-2025-26791",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"notes": [
{
"category": "other",
"text": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"title": "CWE-79"
}
],
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-26791",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-26791.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-26791"
},
{
"cve": "CVE-2025-30694",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30694",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30694.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30694"
},
{
"cve": "CVE-2025-30701",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30701",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30701.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30701"
},
{
"cve": "CVE-2025-30702",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30702",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30702.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30702"
},
{
"cve": "CVE-2025-30733",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30733",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30733.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30733"
},
{
"cve": "CVE-2025-30736",
"product_status": {
"known_affected": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-30736",
"url": "https://api.ncsc.nl/velma/v1/vulnerabilities/2025/CVE-2025-30736.json"
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-1304603",
"CSAFPID-1201359",
"CSAFPID-1145825",
"CSAFPID-2698969",
"CSAFPID-1145826",
"CSAFPID-2698968",
"CSAFPID-1839905",
"CSAFPID-2698934",
"CSAFPID-1144644",
"CSAFPID-2699002",
"CSAFPID-2699003",
"CSAFPID-2699004",
"CSAFPID-2699053",
"CSAFPID-2698485",
"CSAFPID-2698486",
"CSAFPID-2698487",
"CSAFPID-2698932",
"CSAFPID-2698931",
"CSAFPID-2698930",
"CSAFPID-2698933",
"CSAFPID-2698943",
"CSAFPID-2698376",
"CSAFPID-2698377",
"CSAFPID-2698949",
"CSAFPID-2698941",
"CSAFPID-2698942",
"CSAFPID-2699022",
"CSAFPID-1839977",
"CSAFPID-1840034",
"CSAFPID-1840035",
"CSAFPID-1144602",
"CSAFPID-1238473",
"CSAFPID-1145800",
"CSAFPID-356315",
"CSAFPID-1237753",
"CSAFPID-1238475",
"CSAFPID-1296375",
"CSAFPID-356152",
"CSAFPID-1237603",
"CSAFPID-2699065",
"CSAFPID-2699066",
"CSAFPID-1840017",
"CSAFPID-1840013",
"CSAFPID-1145419",
"CSAFPID-1145421",
"CSAFPID-1145422",
"CSAFPID-1145420",
"CSAFPID-2699109",
"CSAFPID-2699107",
"CSAFPID-2699106",
"CSAFPID-2699110",
"CSAFPID-2698972",
"CSAFPID-2699108",
"CSAFPID-2698463",
"CSAFPID-2698464",
"CSAFPID-2698465",
"CSAFPID-2698466",
"CSAFPID-2698467",
"CSAFPID-2698468"
]
}
],
"title": "CVE-2025-30736"
}
]
}
OPENSUSE-SU-2024:14282-1
Vulnerability from csaf_opensuse - Published: 2024-08-20 00:00 - Updated: 2024-08-20 00:00Summary
velociraptor-0.7.0.4.git97.675e45f9-12.1 on GA media
Severity
Moderate
Notes
Title of the patch: velociraptor-0.7.0.4.git97.675e45f9-12.1 on GA media
Description of the patch: These are all security issues fixed in the velociraptor-0.7.0.4.git97.675e45f9-12.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-14282
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
critical
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "velociraptor-0.7.0.4.git97.675e45f9-12.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the velociraptor-0.7.0.4.git97.675e45f9-12.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-14282",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_14282-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39338 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39338/"
}
],
"title": "velociraptor-0.7.0.4.git97.675e45f9-12.1 on GA media",
"tracking": {
"current_release_date": "2024-08-20T00:00:00Z",
"generator": {
"date": "2024-08-20T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:14282-1",
"initial_release_date": "2024-08-20T00:00:00Z",
"revision_history": [
{
"date": "2024-08-20T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64",
"product": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64",
"product_id": "velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le",
"product": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le",
"product_id": "velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x",
"product": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x",
"product_id": "velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64",
"product": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64",
"product_id": "velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64"
},
"product_reference": "velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le"
},
"product_reference": "velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x"
},
"product_reference": "velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64"
},
"product_reference": "velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-39338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39338"
}
],
"notes": [
{
"category": "general",
"text": "axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39338",
"url": "https://www.suse.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "SUSE Bug 1229421 for CVE-2024-39338",
"url": "https://bugzilla.suse.com/1229421"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.aarch64",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.ppc64le",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.s390x",
"openSUSE Tumbleweed:velociraptor-0.7.0.4.git97.675e45f9-12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-08-20T00:00:00Z",
"details": "critical"
}
],
"title": "CVE-2024-39338"
}
]
}
RHEA-2024:7870
Vulnerability from csaf_redhat - Published: 2024-10-09 14:44 - Updated: 2026-06-02 17:36Summary
Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Operator Bundle 1.16.0 release
Severity
Important
Notes
Topic: Red Hat OpenShift Pipelines 1.16.0 has been released.
Details: Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes, Serverless, and VMs by abstracting away the underlying details.
Red Hat OpenShift Pipelines consists of:
- Tekton Operator 0.73.x
- Tekton Pipelines 0.62.x
- Tekton Triggers 0.29.x
- Tekton tkn CLI 0.38.x
- Tekton Chains 0.22.x (GA)
- Pipelines-as-Code 0.28.x (GA)
- ClusterTasks based on Tekton Catalog
- Tekton Hub 1.18.x (TP)
- Tekton Result 0.11.x (TP)
- Manual-Approval-Gate 0.3.x (TP)
## Features
- Standard CI/CD pipelines definition
- Easy to extend and integrate with existing tools
- Portable across any Kubernetes platform
- Designed for microservices and decentralized teams
- Integrated with OpenShift Developer Console
- Build images with Kubernetes tools such as S2I, Buildah, Buildpacks, Kaniko, etc.
- Deploy applications to multiple platforms such as Kubernetes, Serverless, and VMs
- Scale pipelines on-demand
- Enhance supply chain security with Tekton Chains (Technology Preview)
- Install and deploy Tekton Hub (Technology Preview) with custom catalog on enterprise cluster
- Maintain pipelines definitions as parts of an application repository with Pipelines-as-Code (PAC) (General Availability)
For more information, see the Release Notes on any one of the following platforms:
- Customer Portal: https://access.redhat.com/documentation/en-us/red_hat_openshift_pipelines/1.14/html/about_openshift_pipelines/op-release-notes#op-release-notes-1-14_op-release-notes
- OpenShift documentation: https://docs.openshift.com/pipelines/1.14/about/op-release-notes.html#op-release-notes-1-14_op-release-notes
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
6.5 (Medium)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
112 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
31 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Pipelines 1.16.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Pipelines is a cloud-native continuous integration and delivery (CI/CD) solution for building pipelines using Tekton. Tekton is a flexible, Kubernetes-native, open-source CI/CD framework which enables automating deployments across multiple platforms such as Kubernetes, Serverless, and VMs by abstracting away the underlying details.\n\nRed Hat OpenShift Pipelines consists of:\n\n- Tekton Operator 0.73.x\n- Tekton Pipelines 0.62.x\n- Tekton Triggers 0.29.x\n- Tekton tkn CLI 0.38.x\n- Tekton Chains 0.22.x (GA)\n- Pipelines-as-Code 0.28.x (GA)\n- ClusterTasks based on Tekton Catalog\n- Tekton Hub 1.18.x (TP)\n- Tekton Result 0.11.x (TP)\n- Manual-Approval-Gate 0.3.x (TP)\n\n## Features\n\n- Standard CI/CD pipelines definition\n\n- Easy to extend and integrate with existing tools\n\n- Portable across any Kubernetes platform\n\n- Designed for microservices and decentralized teams\n\n- Integrated with OpenShift Developer Console\n\n- Build images with Kubernetes tools such as S2I, Buildah, Buildpacks, Kaniko, etc.\n\n- Deploy applications to multiple platforms such as Kubernetes, Serverless, and VMs\n\n- Scale pipelines on-demand\n\n- Enhance supply chain security with Tekton Chains (Technology Preview)\n\n- Install and deploy Tekton Hub (Technology Preview) with custom catalog on enterprise cluster\n\n- Maintain pipelines definitions as parts of an application repository with Pipelines-as-Code (PAC) (General Availability)\n\nFor more information, see the Release Notes on any one of the following platforms:\n\n- Customer Portal: https://access.redhat.com/documentation/en-us/red_hat_openshift_pipelines/1.14/html/about_openshift_pipelines/op-release-notes#op-release-notes-1-14_op-release-notes\n\n- OpenShift documentation: https://docs.openshift.com/pipelines/1.14/about/op-release-notes.html#op-release-notes-1-14_op-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2024:7870",
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "external",
"summary": "https://docs.openshift.com/container-platform/4.14/cicd/pipelines/understanding-openshift-pipelines.html",
"url": "https://docs.openshift.com/container-platform/4.14/cicd/pipelines/understanding-openshift-pipelines.html"
},
{
"category": "external",
"summary": "SRVKP-3933",
"url": "https://issues.redhat.com/browse/SRVKP-3933"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhea-2024_7870.json"
}
],
"title": "Red Hat Enhancement Advisory: Red Hat OpenShift Pipelines Operator Bundle 1.16.0 release",
"tracking": {
"current_release_date": "2026-06-02T17:36:52+00:00",
"generator": {
"date": "2026-06-02T17:36:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHEA-2024:7870",
"initial_release_date": "2024-10-09T14:44:53+00:00",
"revision_history": [
{
"date": "2024-10-09T14:44:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-09T14:44:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:36:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Pipelines version 1.16 for RHEL 8",
"product": {
"name": "OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_pipelines:1.16::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Pipelines"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"product": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"product_id": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-chains-controller-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"product": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"product_id": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-cli-tkn-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"product": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"product_id": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-console-plugin-rhel8\u0026tag=v1.16.0-52"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"product": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"product_id": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-controller-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"product": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"product_id": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-entrypoint-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"product": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"product_id": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-events-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"product": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"product_id": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-git-init-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"product_id": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-api-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"product_id": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-db-migration-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"product": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"product_id": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-hub-ui-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"product": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"product_id": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-manual-approval-gate-rhel8\u0026tag=v1.16.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"product": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"product_id": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-nop-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"product_id": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-bundle\u0026tag=v1.16.0-42"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"product_id": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-proxy-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"product": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"product_id": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-operator-webhook-rhel8\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"product": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"product_id": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-pipelines-as-code-rhel8\u0026tag=v1.16.0-3"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"product": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"product_id": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-resolvers-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"product_id": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-api-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"product_id": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-retention-policy-agent-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"product": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"product_id": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-results-watcher-rhel8\u0026tag=v1.16.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"product": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"product_id": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-rhel8-operator\u0026tag=v1.16.0-28"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"product": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"product_id": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-serve-tkn-cli-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-controller-rhel8\u0026tag=v1.16.0-4"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-core-interceptors-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"product": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"product_id": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-triggers-webhook-rhel8\u0026tag=v1.16.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"product": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"product_id": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-webhook-rhel8\u0026tag=v1.16.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"product": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"product_id": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29?arch=arm64\u0026repository_url=registry.redhat.io/openshift-pipelines/pipelines-workingdirinit-rhel8\u0026tag=v1.16.0-7"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64"
},
"product_reference": "openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64"
},
"product_reference": "openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64"
},
"product_reference": "openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x"
},
"product_reference": "openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64"
},
"product_reference": "openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64"
},
"product_reference": "openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64"
},
"product_reference": "openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x"
},
"product_reference": "openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64"
},
"product_reference": "openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64"
},
"product_reference": "openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64"
},
"product_reference": "openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64"
},
"product_reference": "openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64"
},
"product_reference": "openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64 as a component of OpenShift Pipelines version 1.16 for RHEL 8",
"product_id": "8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
},
"product_reference": "openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64",
"relates_to_product_reference": "8Base-PIPELINES-1.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293200"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ISAACS\u0027s node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28863"
},
{
"category": "external",
"summary": "RHBZ#2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240524-0005/",
"url": "https://security.netapp.com/advisory/ntap-20240524-0005/"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-09T14:44:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2024:7870"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:6b3e1fb2d534596e811290912f44adc7e802f0b9221fdf99c040804741be51f4_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:97f4b5fe34f39729a6e5b0dae6992788e707e400bf5e0c7f6ef9e0a1751ffd81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:abb7268ee2ce62b94b4dba0fc65207bcc7ac64338b10d15ccc57a0b077c56d5e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-chains-controller-rhel8@sha256:d0e21023ff258a92b2b899089ac8245f6a7aaedf72596dd952bc6bc2072f07eb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:5fcd0a7266ebb30fcb6522de7d46185f3c4effcf7aed2bdff9133180d8092e81_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:a9308b73e38d1784e7e0e85530494811a3a936581b0b15406a831cbca6b51d4d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:d740f317b2fd15a7fdb8b5461bc3ee13d8eed50c29536fe4217b89340103f07f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-cli-tkn-rhel8@sha256:ec8e4322d9d75fbaf2bbdf87d80f890af7e59b111a03138e2ea9e8e21a9841fc_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:458ff95d3645b3904d6ff93b5a2da1759a27e9d0d775c8adf598ab6886eba175_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:5cc1a8b7a7d6af4681e93dbcf378bc0b1cac853aa37172dd2e64950e33b0d390_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:6730b6c5d63b9fbd7e10150fcc5e62c0145320a949f0dda56ae0864561651729_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-console-plugin-rhel8@sha256:ed1ecc41d06d040907ac59e0c39ddd6429770cba6628fb532228f3b1b4b1233d_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:5da6397f22e3ebd8a8d363f39d8cba2fdf15b13a2f8955488ac2b047a2ee3b90_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:93e0a7bcbef2432c645a0f7295035776950ff2018452b6a63bdd3af9312746c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a0c347a5c888baedebaa32eecf9cf6f625fcf37ade2f42702ff6bbfb306e68f8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-controller-rhel8@sha256:a1e781866d3c356f38e89a3937d6b96a3c15b7b880f1a5c35fe7e106f81213fe_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:43dc6d413eab18ba5fa27c8acbbc437dbb21294b47be41cb4e77bfa49ee6776e_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:60c70453cdda43c61fe75aac3e95ffde9b1c8cc06dae9749017020586dc334ef_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:72c17887a35bc880045ea9ef7d2fcdf5fda106f563853102582661698d71af74_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-entrypoint-rhel8@sha256:c77bfce0abaac800970937b5348cf16b631a101f6e96c743d5782f6b420d191a_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:3dd3c388b1acf33c0d651b32bc0510395926e5e5444f6c3fd2e72c4ac00cb64d_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:72d9112a32a3e0598883a679cd2937fee73dffd502ddb2e44350e7e6625175e7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:81994abd500fe05fa9ebc1bb6ccfde573ca1e2acafa3a943f31dc2a5dc5599fd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-events-rhel8@sha256:acc4cacbb79098e2430a51abec6667bcd401591b9d8c250978328360e947caec_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:4f8fe30627b138387849db8b9e027c6600b4d8e8a9fb60898dd087ac04a3fd10_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:5fc0894cf8677cf0b4540dd45001085a1c6283666757196191311276ff1f52f7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:bc596235b5108185241212de4315eb2fd1d520586041704fe6ea0f0556682f9c_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-git-init-rhel8@sha256:d1ef4d43c288a2e2be270932d8bee2ebabe08d1c05eaedf408e8d3f08bc37d3d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:38df2ee7b5531f7d2539a9b43cb4dee79c9afc3c47a9acd7a53352381bc77e0c_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:9eeb9e5ad290a62fd14bbe09d9214a123a3eb790f05b80a6bb94c7e9f55ec865_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:bee7a94b145bb0ef379093ccfa0eb0305b849c38d3974a0e45a32f8df7e0ed25_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-api-rhel8@sha256:dd34a7c660015f0b0e85cf29bf768b873c8ffd10b4f30551dd4b761d6e2f93b6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:4fa64c0356d5de6ba506f6e5fe0af5112a071407f7882a4b69624d77e20014f5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:6827a3aaadf146c58909950974c674e8ada6b408ce5055d146ba9cc504a3d38a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:81170bd47e3f6d2ff25a1862e59c6b115858aa77254fe938034651e41d063f7e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-db-migration-rhel8@sha256:b694393f429516351f376b8083d292f47ed203c147d6c80d2368543c95ea8169_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:2bbbef20cf7cd9e25fdf2c85f8ee0d85456ecea9f6fe63e316e82d6aa458fd65_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:331d6aa12b6dbe31110d4df4167150dc113b5915be1ffbbd8b606070c487b5ad_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:940208d4dd7b2d9700afde7071d4a17a428c1986b25294e4795f15ff90155cfb_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-hub-ui-rhel8@sha256:99d598d0da818321501ab77ffd36dfb56af3ce815cd16c99bfe66fcc6be2bac6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:63abdb4c0068a84e59a3317ecff1357f022d2666e6471d2ebd54a877c528ea3a_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:b9be5c3803e158f1fc6f9c2ddc0a1dc23a9d58a44ba9a3d70c869482af3f339a_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:d85da0482a93a9ee65d55ae033f61e26fb9a6b8ce8f7c855bbd670c69ad20fa2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-manual-approval-gate-rhel8@sha256:e1d319b4eba5225519607ad30ee4dd56756ab5e76c403f1dcc8b98b0ab6cb416_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:21fe3eae3fc1fe8c338d41746943152c972087c5bba0f8af1445af1d77ce27fb_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:5e5f0d91736d097226d32257d77e8efeffb52e6e0616c52d93ac066d7fbe3b03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:8700e66a3fcd395fe9b7a6e1171568356edcc022d9ff721f995f40a78f320ca8_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-nop-rhel8@sha256:c47d0280add20fe510e2c74334b905363b16b04491198af0fe8ca54ff063929e_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:321705a23de2319617f327718c625682d0a9ca7499f056c2d0d1e2239a7533da_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:9db5800892c9c9d70a73ed369832711be57d34fb9deb801537d50df9bf1741d0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:a46b7990c0ad07dae78f43334c9bd5e6cba7b50ca60d3f880099b71e77bed214_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-bundle@sha256:be660e120bdda9b702ba6367c75c6eefa6c89ae6adfd7bd703bda0778b5c1060_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:089e54bad6d4cf04a40bef07321331364335e9b94f2895799dc20cc3b1d15b4f_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:6b79cc81807a4ba2eb1170d4c4341d4b3ec92b4e94c5de9837596bb082cc5628_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:799e7cb98798ab5c91f87dcce0817a3af253b038aeafd76eaf480f29e9009c92_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-proxy-rhel8@sha256:d01bf0b31ad411e386a095817cd4b903613bfd2325040e91b92021b30be64c75_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:14ebd0e2b72184fd3cd064d464a66ff63dde432e4ec3297ab159ee46aa566da1_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:53ee7c53f046aeec9dc6250b776b5655758fe9d7b8028c43e36de2b82c7db4a5_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a1301dad903784986ba1940a67ef6cc5f6b9f2864fb290ac7a8f785a5d7ffb30_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-operator-webhook-rhel8@sha256:a410ab1652167801e86452e024b30f9e3910a277c83a2111fac67fa4c05a8260_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:29f6ea3c582bb0a38e00988b1dcfff1a11697f2975454761812de03074855a77_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:42c8035b31fe78ed39d7fc4fcd344f02318ac3fa11b9bfa136412f44fd30c448_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:8e38fd058d78053b1a0dbe2bfb24e0dbef332e6fe1a53fef20d23c832088e20c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-pipelines-as-code-rhel8@sha256:9da79600ffaf0fb23cd1222f3fb6de88e7c4d245b6cafc60a2806b8c5db66ac8_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:57a58a355f9f9cac3fcad5c30b6580cd445b5da23674895724308ce37609d245_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:6ab6080fe409b7a365d73923e4d5f3ec3e98a5a20dd7497be1d8dae78fec1532_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:832dc5f1fb97dcdd6b4d4734a3bdc922292807d555ea3c46b551440b82b3b024_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-resolvers-rhel8@sha256:d67ae06f23f7325531799ccef39d69c2967d0dae7bf7be560e65b02f0e1632a0_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:035e9b78ad832f30f15d9b75f7ae2faf220fe7d54b0cafcb184e242f77148a7b_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:074a8a5f28c8518daee6887b783046a0895ed65ddef29f1332f66598011695c1_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:1526233c99e74ac377c7c4c0b632a3755e468c9566b868330860ecf7bebac73c_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-api-rhel8@sha256:bfbbccf02f9dbcbb0504188ba88605391e5e1ff5f09a8ba254867f74cf2385ff_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:4358bd5264994f7e2fefce583da0714fb9d4fb085eb1ab51b8309f0d94b9f153_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:a07c342c2e0cb85ab07527dd943cabfaac076ca3d541a94046fdaea882a1c627_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:cfec93f99516e4d29a0e3f4096a8063bce44f585b654582a189d41771cbd3f88_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-retention-policy-agent-rhel8@sha256:de6ec17ca6e1e523a0def395050a67592748b152af19ce957ffa992fd872124d_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:26c4927f2c88031e4607387679416592eaf74466493a0421294b6e00a256add2_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:31f797b35537f16b4da2dabcc6fa8403540f2fa4fd2fb4756cc761db7d835eae_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:6966da8cb3686cd191d60224d93f74b5dfcfba4ccb398e5801614dd7d36f9c58_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-results-watcher-rhel8@sha256:f7716e6bc3ce510d9c59818b189127b746ee9756c47e84b0005af0142c733279_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:819208b38462cb051ad4c758fe4abb083284969f9f31810d3ddaed0db03e5a18_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:aeb87311c1172e40165244e95f2a844f7079c39a65ac5edf23d1be31493193b9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:bfe8d2e997c20941c14a88bc7b9ed630bbbfd639f094c651e63726dbfe432d53_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-rhel8-operator@sha256:d477979961e8bc28199454312d5147eb837fb17a193d3ea3f356fc6eb1881fa6_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:17ae245d343ebf0387352486690a78d351e66c9c4927f4b652173d70f6edf879_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:4d0584573dc88a4432e95ecd2e64dd92c1fc1c5a945939b47f0874a8704bd353_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:d0923360f8d0b918fe45fd89a0bccfb5066daa40a898aee8e5848cbfbab3a168_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-serve-tkn-cli-rhel8@sha256:e79452acf8d3b269fbdc6e958cc0689afc7cedb90d871df1728f391bd4be2931_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:1b59e9e1281f15ac2c571b4b3accd841864161f23afb493cb8fee427b5e2a04f_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:3f9fa2c6058da4836d92fea2405296de1ed900179a60fd07ed14b9ae1705fdea_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:5bb94a87c3ac594474f1190bb157c8e6a79be4f73515d29b60b005a208c83543_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-controller-rhel8@sha256:ec72a0e8654072f757fd9a1ca5385428d08cfd024e7bf59c59d78e5df3dce053_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:1629e75e8d18e5af47c71f6d156496a0ea9addeb476de6e79deb8ace47281e22_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:20ed8c365c2a3b3015b695c56eb091c9edfa1997e505694e19befbf96ab54417_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:27913ab5c9182e3345ddd4b2515fb80b94748d8b36b4902bdef0efd840e14604_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-core-interceptors-rhel8@sha256:731a38900bff389d0c3ff45d2b2326e390c40d09ad2bec0fa78b7fa4bd4dedf7_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:0f610489ea55b796b0973d3b80878975a542b61c63b7a0848bbca256fe60bf30_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:2804679d3b6cc59d33e0ada55aab9689bf97f73d89b63f9f155eb62bb2f22ebf_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:b9a1f7c7625bfbf00137ad61d9995f3530fc8a513558370b4b7a3e37b22fc9c0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8@sha256:c677f6574fd701f9dfce7cd73e939525a4c62c92868323f7876296865ff1ebe2_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:38d1eb001acb51af95e7f4a1878ae55818b1b9863a94c8e4b03e88ea4db2c5a0_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54b01953ef2fe569136c577c4387eb405d246c452c35130063e810995ca1ff2f_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:54e88e3d33688d3b36cc8fb93db865fd788fe1e8f2ae7300e6c3d4afd08fd7f0_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-triggers-webhook-rhel8@sha256:86c090b24787fd0ffd1a17317743dcda4c7a5f37e62bc4772b1db7d71b547ff8_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:6182fc24309fa292404727e561a89ecc62a3e317874964e4c94b0ec1bc5088c3_arm64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:7f49ad936046118702cef20ae073ede28c5ba8578f90cd70804942bd5c211c03_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:8eae4223d0f3f5439f3e0618eff6110eef4e4eb2f61df47c09ef2e4979086658_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-webhook-rhel8@sha256:ea12410a2594e802d0c3a39b2353ffd79e1ea04aa4d128dc191502326ca33bb5_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:41312496ceeeb4d588f5cf67fd0bcfbebd819b9035315685ca6e66bf2f22c4d9_ppc64le",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:9bebc321f3a61a497f1e7b7543a49f5a679fec7c98326754dd85c2a27506fef6_s390x",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:c2fb5eb246becd8037834ee5a0e39f4e023767be59655771a545d9d7105e11cd_amd64",
"8Base-PIPELINES-1.16:openshift-pipelines/pipelines-workingdirinit-rhel8@sha256:ee5529540a69ba43ea5c8fe703228242f1b36736cb3f99c4a0650cd9b6e91d29_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:6209
Vulnerability from csaf_redhat - Published: 2024-09-03 10:04 - Updated: 2026-06-02 23:02Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.10 security update
Severity
Moderate
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.4.10
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* axios: Server-Side Request Forgery (CVE-2024-39338)
* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42459)
* ECDSA signature malleability due to missing checks (CVE-2024-42460)
* ECDSA implementation malleability due to BER-enconded signatures being allowed (CVE-2024-42461)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
4.3 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the NodeJS Elliptic package. When creating EDDSA signatures, the Elliptic package doesn't properly check the signature length, allowing zeros to be added or removed from the signature without invalidating it, which may result in confidentiality issues.
5.3 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Elliptic NodeJS package where it fails to properly verify the leading bit for the R and S values used in the ECDSA signature. This issue may lead to a scenario where an attacker can modify the signature without the Elliptic library being able to properly reject it, causing data confidentiality issues.
5.3 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Elliptic package for Node.js. ECDSA signatures encoded in BER format are improperly validated, allowing leading zeros to be added to the signature without invalidating it, resulting in confidentiality issues.
5.3 (Medium)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
28 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.4.10\n\nRed Hat Product Security has rated this update as having a security impact of\nModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* axios: Server-Side Request Forgery (CVE-2024-39338)\n* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42459)\n* ECDSA signature malleability due to missing checks (CVE-2024-42460)\n* ECDSA implementation malleability due to BER-enconded signatures being allowed (CVE-2024-42461)\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6209",
"url": "https://access.redhat.com/errata/RHSA-2024:6209"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6209.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.4.10 security update",
"tracking": {
"current_release_date": "2026-06-02T23:02:38+00:00",
"generator": {
"date": "2026-06-02T23:02:38+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:6209",
"initial_release_date": "2024-09-03T10:04:55+00:00",
"revision_history": [
{
"date": "2024-09-03T10:04:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-03T10:04:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T23:02:38+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.4 for RHEL 8",
"product": {
"name": "RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.4::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.10-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.10-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.10-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.65.15-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.4.10-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.4.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.4.10-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64 as a component of RHOSSM 2.4 for RHEL 8",
"product_id": "8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-42459",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2024-08-02T07:20:12+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NodeJS Elliptic package. When creating EDDSA signatures, the Elliptic package doesn\u0027t properly check the signature length, allowing zeros to be added or removed from the signature without invalidating it, which may result in confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42459"
},
{
"category": "external",
"summary": "RHBZ#2302458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42459"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check"
},
{
"cve": "CVE-2024-42460",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2024-08-02T07:20:14+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Elliptic NodeJS package where it fails to properly verify the leading bit for the R and S values used in the ECDSA signature. This issue may lead to a scenario where an attacker can modify the signature without the Elliptic library being able to properly reject it, causing data confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42460"
},
{
"category": "external",
"summary": "RHBZ#2302459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42460"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks"
},
{
"cve": "CVE-2024-42461",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-08-02T07:20:17+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302460"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Elliptic package for Node.js. ECDSA signatures encoded in BER format are improperly validated, allowing leading zeros to be added to the signature without invalidating it, resulting in confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was found in the elliptic npm package, it is an Improper Verification of Cryptographic Signature that occurs because the library accepts non-strictly BER-encoded signatures.This allows an attacker to create another valid signature for the same message, which may cause issues in systems that rely on unique signatures for identifying transactions.The overall impact on confidentiality is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42461"
},
{
"category": "external",
"summary": "RHBZ#2302460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42461"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-49q7-c7j4-3p7m",
"url": "https://github.com/advisories/GHSA-49q7-c7j4-3p7m"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6209"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:a22d6479a42218465760a1d69698becc8f9a52611b94dca2b0e6e6c4cd1f57e9_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:ad11189a25220c34fb540897fb45cf249594e7620c289bbe96bff12503ad93b2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:bd78beca1f12e74496b8e50d102706a69fdb6761e5d27542ed215dffdeeda040_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/grafana-rhel8@sha256:dcb3244a1174038bf6a15f5fa2af049051bc081a7954b5158d01ca62c1f4612c_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:34cde6f9ac5e0daabedd72d92bb7174f235f3788a5cd0da61ea02a4ed401d4c4_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:3b7c8f8ae92239b749c9cf2ac8eefcddc1709228fba062c13c1f08b5ada8948d_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:56eccfed504f353e9d93bcce4831454f78b42c22468c8c76bbd9f301db0302a0_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-cni-rhel8@sha256:8695969f7b7249befc05a5aa21872db62b62ce1d666dcbc46b413abaea1c8896_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:1174fe7492b61515788099876e47cf1ff1bc9f4acbd546bba11542d28d5633dd_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:5f4eeee81cf9de99fa94f3a30c18f16c8fb1d79f4758c7b558c7585f4d779459_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:b427b91446551d74f5602b6e644101f560885e580ca1e75dca38b752c031e7a6_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/istio-must-gather-rhel8@sha256:dc3c46edf33bb7ce827f6bec3bc76a6381346e053471984fd0dec127284079e2_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:3b7c60376ce1df8a387f55e5f5d97778b0d7d4df7def6ac47fb4b1be8e38a20d_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:79f483dd161ee51e237eeb8f6c2b782fa4ffa01a63976529e09f5d43dfd4b705_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:b6294ac85755654fb6091a5d2b8456713279c263c9dbfac440ab0e6e41b40c35_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/kiali-rhel8@sha256:bb7c59c89be24d5a763dee70bf1895175c8f14b8125774a6d6d7938ab164df6d_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:24eedaba1a0848d04af90278aaaba1a2790231d7049ed39047768ceed591f806_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:616faca6fd7684383ce8df2ffe0e0e72d397ff86a96a90096fa9bbb707736a64_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:d63b3d2356e504ed5e63fee770e71405e9efebaa0687ff95c72087755eb63445_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/pilot-rhel8@sha256:dce09ee679578ab559f925bb6bc17746f71f38a5809bdebe2a22d548b1055345_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:52bfe29d4b87e59e34de3620a9c78e2a964d81c91fe94bca2a4e6b5ae6773ab0_amd64",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:6968e0f1a5034efb7c86248153573a3403ea8f7da1aaaa6cc2ee815a32958ee2_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:7e82f3597adb81ea86f8aaba8f7352bf20d5f533f948e5c86723871cb369e721_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/proxyv2-rhel8@sha256:e63be81ffec6b125ae15a64b39c950e8b6d94c71fb3ebf3e59c36fd6a8708cd7_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:8b3c1cfa497893afa13413040ace41560f542136bfcc29fc4672527e646a385b_ppc64le",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:930d626158c0affcb82bd8f7ec27750b6cd58ff136498c806ecb9f01b59dd697_s390x",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:b23e1cdef09c9ec88d48969666b7646068cc811e0b9dc6f16df08ba372764ce6_arm64",
"8Base-RHOSSM-2.4:openshift-service-mesh/ratelimit-rhel8@sha256:ecf11409a26b7623eeb2d6a9928da13ef992e7d4e2cd9743b20a5a1a6412eb8e_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed"
}
]
}
RHSA-2024:6210
Vulnerability from csaf_redhat - Published: 2024-09-03 10:05 - Updated: 2026-06-02 17:43Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.4 security update
Severity
Low
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.5.4
Red Hat Product Security has rated this update as having a security impact of
Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* axios: Server-Side Request Forgery (CVE-2024-39338)
* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42459)
* ECDSA signature malleability due to missing checks (CVE-2024-42460)
* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42461)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the NodeJS Elliptic package. When creating EDDSA signatures, the Elliptic package doesn't properly check the signature length, allowing zeros to be added or removed from the signature without invalidating it, which may result in confidentiality issues.
5.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Elliptic NodeJS package where it fails to properly verify the leading bit for the R and S values used in the ECDSA signature. This issue may lead to a scenario where an attacker can modify the signature without the Elliptic library being able to properly reject it, causing data confidentiality issues.
5.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Elliptic package for Node.js. ECDSA signatures encoded in BER format are improperly validated, allowing leading zeros to be added to the signature without invalidating it, resulting in confidentiality issues.
5.3 (Medium)
Affected products
Fixed
32 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
24 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Low"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.5.4 \n\nRed Hat Product Security has rated this update as having a security impact of\nLow. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* axios: Server-Side Request Forgery (CVE-2024-39338)\n* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42459)\n* ECDSA signature malleability due to missing checks (CVE-2024-42460)\n* elliptic: nodejs/elliptic: From NVD collector (CVE-2024-42461)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6210",
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#low",
"url": "https://access.redhat.com/security/updates/classification/#low"
},
{
"category": "external",
"summary": "OSSM-6766",
"url": "https://issues.redhat.com/browse/OSSM-6766"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6210.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.5.4 security update",
"tracking": {
"current_release_date": "2026-06-02T17:43:12+00:00",
"generator": {
"date": "2026-06-02T17:43:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:6210",
"initial_release_date": "2024-09-03T10:05:02+00:00",
"revision_history": [
{
"date": "2024-09-03T10:05:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-03T10:05:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:43:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.5 for RHEL 8",
"product": {
"name": "RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.5::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.13-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.5.4-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.14-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.5.4-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel8\u0026tag=2.5.4-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.5.4-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64 as a component of RHOSSM 2.5 for RHEL 8",
"product_id": "8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-42459",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2024-08-02T07:20:12+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302458"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NodeJS Elliptic package. When creating EDDSA signatures, the Elliptic package doesn\u0027t properly check the signature length, allowing zeros to be added or removed from the signature without invalidating it, which may result in confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42459"
},
{
"category": "external",
"summary": "RHBZ#2302458",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302458"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42459",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42459"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: EDDSA signature malleability due to missing signature length check"
},
{
"cve": "CVE-2024-42460",
"cwe": {
"id": "CWE-325",
"name": "Missing Cryptographic Step"
},
"discovery_date": "2024-08-02T07:20:14+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302459"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Elliptic NodeJS package where it fails to properly verify the leading bit for the R and S values used in the ECDSA signature. This issue may lead to a scenario where an attacker can modify the signature without the Elliptic library being able to properly reject it, causing data confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42460"
},
{
"category": "external",
"summary": "RHBZ#2302459",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302459"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42460",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42460"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: ECDSA signature malleability due to missing checks"
},
{
"cve": "CVE-2024-42461",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2024-08-02T07:20:17+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2302460"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Elliptic package for Node.js. ECDSA signatures encoded in BER format are improperly validated, allowing leading zeros to be added to the signature without invalidating it, resulting in confidentiality issues.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was found in the elliptic npm package, it is an Improper Verification of Cryptographic Signature that occurs because the library accepts non-strictly BER-encoded signatures.This allows an attacker to create another valid signature for the same message, which may cause issues in systems that rely on unique signatures for identifying transactions.The overall impact on confidentiality is low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-42461"
},
{
"category": "external",
"summary": "RHBZ#2302460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-42461",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-42461"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-49q7-c7j4-3p7m",
"url": "https://github.com/advisories/GHSA-49q7-c7j4-3p7m"
},
{
"category": "external",
"summary": "https://github.com/indutny/elliptic/pull/317",
"url": "https://github.com/indutny/elliptic/pull/317"
}
],
"release_date": "2024-08-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:02+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6210"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:0e5a5f9e98b1181a4624abaeae779a52a9f23b885bf5c49b501cb89b47ea57e8_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:650a7a328845a5614844e5121d3fb643860f851985c263759d8b3fc4d3837fed_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:880dc5db1971ed397af223519a8a43b513dbba90eae5fd09f173b0051f159c22_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/grafana-rhel8@sha256:a64c67b2bb9cddc99836dd93c169043b3ee048cfca7d7ad4ec28fada75c3240a_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:30451a29ff2f14bf8c4f210ebf000679ce0ffa4af5fb6d7e931402ca4c0698f6_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:3c32da67d342a74b171f28049ff997014ed7ba4a9a63bcddf1bcd4761df91d6d_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:4de88f118f7f0f9c82dedb534d2201a969a6eb7129862fbe99d977619346a91e_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-cni-rhel8@sha256:7e8ec2e701f32afd8502a40809cf7d707679cfc7bced4b7545d4c828617809ba_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:10a472f7556e95753ed1ed78e68107539a4fa21edd99c5c971442ad9f8ea6160_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:2fa038769856650e23d56871f3b9746f82f7b1d0ae20287779e4d8c895642212_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:95a0d1e8765e6e983635c0ed5e7ba7c5ce8deaa3f702d41557b7cce20755f997_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/istio-must-gather-rhel8@sha256:fcceb12b4878f180a9e4263c22e04a3b048a88951b9b4dbf735dc59bbe92cedc_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:55220093363a18cdb2da2183df4c645831c20a070fae3ffa8ddb163cd1a0dd1c_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9e39df1296cd22c9ee4c9fe291bd8d2555466d212a32047b3f6c64ca993563f0_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:ce777a4c38bef7988300446caaea03e9eef9ea6e5260a9558e09af81a9b866b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-ossmc-rhel8@sha256:e12ca81c2bf4f7d29444833e92a06eec5da433e931803e89c5315fa61afa0f04_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:68588cd4073be83b9e42fbde29656bbb9e007b53c47d1b943d19aebe624e61c1_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:8a1dbff7cea816ea96546e6d1647b5ab439c85ec2a76c3d74dadb462da71000f_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:c07e3a2ac395e06468105553dce097334f262c3f94d96cafc500660ed29eb91d_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/kiali-rhel8@sha256:e2be27500e84f830a79c1a8f141d9efb33bd02464239e5611b6e1aafa82af302_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:0ffb28605471f52ffb11c090e3ac49c58ee96a6dc4fe13d851ee8a647e413f15_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:28dd159630562c2cf106fd9c90ee2f0eb6c27eb20f44a0ad89aa62df28ba5686_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:4346d91114d23b5e794c67fff10560730b51a38376cdbae0787c4d9cde7a419a_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/pilot-rhel8@sha256:977f445a5a4e5cab65df2ea078ff36b58c25198ee914e5aa7e91533e1d9b7cb5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:30735e400419bb8c08bfcdc302d3ab97786e7825e89f604e3f6a1f42d727e3ca_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:99cdf691126ba1bd8c3f0279a95dda1c8c76fe257a72f59a479a926a0ac7eba5_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:cbf2da4bfb39ff37c0028bbcae621b5e8e37e32f8b7c622139fbce3f1cc0f8de_arm64",
"8Base-RHOSSM-2.5:openshift-service-mesh/proxyv2-rhel8@sha256:f4ae7819aab6a853500b54577955ec9433280b1d839b145971a3a1764a59b52c_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:1b33e9cab1b582ad850c95a008c23065a917a53b82d540680884da19e12b99b2_amd64",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:5960f10bd4d8367edaa123af5adc2186408c21cdf547ce623796a41647269590_s390x",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:9df5c5f0b8760d015216140a11ca25cb36dd77a51d8a1804670f942cf5372803_ppc64le",
"8Base-RHOSSM-2.5:openshift-service-mesh/ratelimit-rhel8@sha256:fcaf1df1c9c3b91a3a8342fb1ee44f1928f4d5adc168435dafb72c0ab0a7e124_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "elliptic: nodejs/elliptic: ECDSA implementation malleability due to BER-enconded signatures being allowed"
}
]
}
RHSA-2024:6211
Vulnerability from csaf_redhat - Published: 2024-09-03 10:05 - Updated: 2026-06-02 17:43Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.1 security update
Severity
Important
Notes
Topic: Red Hat OpenShift Service Mesh Containers for 2.6.1
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* axios: Server-Side Request Forgery (CVE-2024-39338)
* express: cause malformed URLs to be evaluated (CVE-2024-29041)
* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)
* braces: fails to limit the number of characters it can handle (CVE-2024-4068)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the NPM package `micromatch` where it is vulnerable to a regular expression denial of service (ReDoS). The issue occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will readily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn't find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won't start backtracking the regular expression due to greedy matching.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.1\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives a\ndetailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n* axios: Server-Side Request Forgery (CVE-2024-39338)\n* express: cause malformed URLs to be evaluated (CVE-2024-29041)\n* micromatch: vulnerable to Regular Expression Denial of Service (CVE-2024-4067)\n* braces: fails to limit the number of characters it can handle (CVE-2024-4068)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6211",
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "OSSM-6857",
"url": "https://issues.redhat.com/browse/OSSM-6857"
},
{
"category": "external",
"summary": "OSSM-8006",
"url": "https://issues.redhat.com/browse/OSSM-8006"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6211.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.1 security update",
"tracking": {
"current_release_date": "2026-06-02T17:43:12+00:00",
"generator": {
"date": "2026-06-02T17:43:12+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:6211",
"initial_release_date": "2024-09-03T10:05:20+00:00",
"revision_history": [
{
"date": "2024-09-03T10:05:20+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-03T10:05:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:43:12+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.89.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.1-6"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.89.1-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.89.1-1"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.1-9"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.1-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.1-4"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.1-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-4067",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280601"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `micromatch` where it is vulnerable to a regular expression denial of service (ReDoS). The issue occurs in `micromatch.braces()` in `index.js` because the pattern `.*` will readily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the input while it doesn\u0027t find the closing bracket. As the input size increases, the consumption time will also increase until it causes the application to hang or slow down. There was a merged fix but further testing shows the issue persists. This issue should be mitigated by using a safe pattern that won\u0027t start backtracking the regular expression due to greedy matching.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "micromatch: vulnerable to Regular Expression Denial of Service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4067"
},
{
"category": "external",
"summary": "RHBZ#2280601",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280601"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4067"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4067/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4067/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448",
"url": "https://github.com/micromatch/micromatch/blob/2c56a8604b68c1099e7bc0f807ce0865a339747a/index.js#L448"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/issues/243",
"url": "https://github.com/micromatch/micromatch/issues/243"
},
{
"category": "external",
"summary": "https://github.com/micromatch/micromatch/pull/247",
"url": "https://github.com/micromatch/micromatch/pull/247"
}
],
"release_date": "2023-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "micromatch: vulnerable to Regular Expression Denial of Service"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-03T10:05:20+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6211"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:41381d57cb559e69b1954c25993ac4ce00d2d2732a13bb80a2aa908f9b6c05e5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:5cffbe9de3dbc2af5539fbea83463c38bb1ac39d84e0b60ce0cd82fd339d376f_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:b1b12b545f5567b3f7d891916be9dbfe415c34c6d4e3332f3d7946e1db7f8052_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:df94fe7da914ba3b66b1390c196c9af1fd7e3bc25b66b4546def1f76bab0847e_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:5d7a394e499391e98b93e9f87c6757d4cbc814ecb223b6a081448330676a7d28_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:6e4f82351d5e6015a4ab90b5143c2ab6b01ba3b4d5ad8bc47fde76d0f507a3a2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:a255acbe7b48a3f366195cfede643d3789d47eb2b9ad877f7388e46427dcf056_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:b192218ada6421208ea7deddc7edb10317af79772942a3f443c1578576986df5_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:49910e92876864d013a4da28de10a9ea2df1080fc65c838317804f94cf589edf_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:9dd2c8a6c4b1d45cf24669f322c33ab9e80ed4b7245004f7b938e89cb1c3a775_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:c29144a75a9b498719ba0abc4870718ee5e5e2efa488e887f963876e35c81036_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:d84893b05420f046f74bd9372f4f3497c62b858bf348092741dea5d581bd4110_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:3bb9d82a03c20aaa9bacb4351637771c9b0bb40687b13b67bab9facd9fc8f2b1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:833c0d9fa006db72126475a0d5255ced1d1e53aeb28e880e1ccc2694a22fac5f_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f2f7144831d63df014fe8092daddefc0b2e18155495e02ebc6c1118820e00af0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:f9b28bb240d0babd614dc8178b1267a6b61ab6fd9601af1a54d8077d05166f88_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:0a72b04272f48c8719c62c2bab8d15f2db701c9e2eb5bf0f2ef73efd83ea2af2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:9b422db8e9ff68046ce8040f18a369dd2f2cf5d12b458b9d151f14149892ead1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c1bfb4985d4fd88f8335e5efb90f8ae5e57607337c926ac53cabc1cd51224eee_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:c693ac963582054ed65bf79593a621269532df05250698b3b2906228524c2766_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:1302bf62e8ff1f0e16f048144db723668640c42284f054fe68f181b694a87ba1_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:424d7f84c30efa40b8379bc64d83dc08dd7b2e1d68e6fb5d4a380a39b110be84_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:a94be7f7a94e6981f268808440c99e0487c2da9ffa883e880aed07bf059d80c2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:d9fd6af41cc7909cdab2180ba9bde0896f457fbc6cf247a450b6dac78539cc55_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:12be4945a9160354ff7d794168bfa106e6d2410daee1098a29e6cd191022a44d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:37026371bcf4835d49a1167963bbba762de7cb60ffd037f4601b6bce7976984d_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:74ddab8bc38b4b7dd59076da34058781132a501b1b89156ce543f39cfff05985_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:9dd33d710aa03025bd8db8bf1434d52d56077f71fc730cfbada0bbddf05d4336_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:078adc26665a857c8c007a9d5db1678c4cdc53a915fd7987a495f2349ab7345a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:4fc6ffbeb886713cf13727639602564f4a190bee44740f22c750d27eccf6ec01_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:55dd5d3d0dee4fe619e08e017b0e3d7745a6fef6bc044394eb03c46d9e12e4f2_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:8c870f49e4ce8f91118899ac843987f6ee95c08ec85d15bb7acc53a73903eb9a_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0031860e17e27de522a6060a3ff990a77e23aea6312fd5132afb6da3d3260ef7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:06bde71c0830f9d5876c2d68a3d74e71152b3f24883a76f70ec82a7ca85aea2f_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:8363297c1a1294a204af48b97da703f97514aa92cbe584f17e7b81b49cf40015_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:ee50c8fad74b26357c169b97840d44f050b931ccb80f9cb930bbbed67bb681c0_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:212785428b395c0f3aa628e7c218c3d8a7bd256cc255ca7ea6bd234f70c06754_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:2ed644ec1f74c998d0b4953e527307e39a15fdfbb4baeecc0715d418874f7f70_amd64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:a0df5db3e9cced245da7ad51f8557df94d37d1701525b02feb9ee62cfd72a440_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f493485f1d73bd3144a26803bcd1fc7ba4d5b5487eb4dcb455f9c97c8e54ba97_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:6667
Vulnerability from csaf_redhat - Published: 2024-09-12 21:30 - Updated: 2026-06-02 17:43Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.16.0 release
Severity
Important
Notes
Topic: Red Hat OpenShift Dev Spaces 3.16 has been released.
All containers have been updated to include feature enhancements, bug fixes and CVE fixes.
Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System (CVSS) base score is available for every fixed CVE in the references section.
Details: Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.16 release is based on Eclipse Che 7.90 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
Dev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#crw
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le | — |
Vendor Fix
fix
|
Known not affected
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x | — | ||
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 | — |
Threats
Impact
Moderate
A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service (DoS).
7.5 (High)
Affected products
Fixed
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.
8.8 (High)
Affected products
Fixed
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A vulnerability was found in Spring Security. This issue may lead to Broken Access Control, allowing a malicious user to impact the Confidentiality and Integrity of an application or server. This requires the application to use AuthenticationTrustResolver.isFullyAuthenticated(Authentication) directly and have a null authentication parameter passed to it, resulting in an erroneous true return value.
7.4 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the nodejs-undici package. Proxy-Authorization headers are not cleared on cross-origin redirects, which can allow for the exposure of sensitive data or allow an attacker to capture the persistent proxy-authentication header.
CWE-285 - Improper AuthorizationAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 | — |
Workaround
|
Threats
Impact
Low
A flaw was found in the nodejs-undici package. This issue may allow an attacker to alter the integrity option passed to fetch(), allowing fetch() to accept requests as valid even if they have been tampered with.
CWE-284 - Improper Access ControlAffected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 | — |
Workaround
|
Threats
Impact
Low
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 | — |
Workaround
|
Threats
Impact
Important
References
38 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.16 has been released.\n\nAll containers have been updated to include feature enhancements, bug fixes and CVE fixes.\n\nFollowing the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System (CVSS) base score is available for every fixed CVE in the references section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\n\nThe 3.16 release is based on Eclipse Che 7.90 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\n\nUsers still using the v1 standard should migrate as soon as possible.\n\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\n\nDev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates. \n\nhttps://access.redhat.com/support/policy/updates/openshift#crw",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:6667",
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "CRW-6868",
"url": "https://issues.redhat.com/browse/CRW-6868"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_6667.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.16.0 release",
"tracking": {
"current_release_date": "2026-06-02T17:43:17+00:00",
"generator": {
"date": "2026-06-02T17:43:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:6667",
"initial_release_date": "2024-09-12T21:30:49+00:00",
"revision_history": [
{
"date": "2024-09-12T21:30:49+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-12T21:30:49+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:43:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces 3",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"product": {
"name": "devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"product_id": "devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/code-rhel8\u0026tag=3.16-20"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"product": {
"name": "devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"product_id": "devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel8\u0026tag=3.16-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"product": {
"name": "devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"product_id": "devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel8\u0026tag=3.16-27"
}
}
},
{
"category": "product_version",
"name": "devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"product": {
"name": "devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"product_id": "devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devfileregistry-rhel8\u0026tag=3.16-67"
}
}
},
{
"category": "product_version",
"name": "devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"product": {
"name": "devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"product_id": "devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"product_identification_helper": {
"purl": "pkg:oci/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/idea-rhel8\u0026tag=3.16-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"product": {
"name": "devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"product_id": "devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel8\u0026tag=3.16-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"product": {
"name": "devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"product_id": "devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel8\u0026tag=3.16-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"product_id": "devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.16-70"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"product": {
"name": "devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"product_id": "devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel8\u0026tag=3.16-16"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"product": {
"name": "devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"product_id": "devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel8-operator\u0026tag=3.16-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"product": {
"name": "devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"product_id": "devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/server-rhel8\u0026tag=3.16-14"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"product": {
"name": "devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"product_id": "devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel8\u0026tag=3.16-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64",
"product": {
"name": "devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64",
"product_id": "devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-rhel8\u0026tag=3.16-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"product": {
"name": "devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"product_id": "devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/code-rhel8\u0026tag=3.16-20"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"product": {
"name": "devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"product_id": "devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel8\u0026tag=3.16-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"product": {
"name": "devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"product_id": "devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel8\u0026tag=3.16-27"
}
}
},
{
"category": "product_version",
"name": "devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"product": {
"name": "devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"product_id": "devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devfileregistry-rhel8\u0026tag=3.16-67"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"product": {
"name": "devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"product_id": "devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel8\u0026tag=3.16-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"product": {
"name": "devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"product_id": "devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel8\u0026tag=3.16-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"product_id": "devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.16-70"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"product": {
"name": "devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"product_id": "devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel8\u0026tag=3.16-16"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"product": {
"name": "devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"product_id": "devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel8-operator\u0026tag=3.16-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"product": {
"name": "devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"product_id": "devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/server-rhel8\u0026tag=3.16-14"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"product": {
"name": "devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"product_id": "devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel8\u0026tag=3.16-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"product": {
"name": "devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"product_id": "devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-rhel8\u0026tag=3.16-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"product": {
"name": "devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"product_id": "devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/code-rhel8\u0026tag=3.16-20"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"product": {
"name": "devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"product_id": "devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel8\u0026tag=3.16-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"product": {
"name": "devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"product_id": "devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel8\u0026tag=3.16-27"
}
}
},
{
"category": "product_version",
"name": "devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"product": {
"name": "devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"product_id": "devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devfileregistry-rhel8\u0026tag=3.16-67"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"product": {
"name": "devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"product_id": "devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel8\u0026tag=3.16-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"product": {
"name": "devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"product_id": "devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel8\u0026tag=3.16-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"product_id": "devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.16-70"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"product": {
"name": "devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"product_id": "devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel8\u0026tag=3.16-16"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"product": {
"name": "devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"product_id": "devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel8-operator\u0026tag=3.16-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"product": {
"name": "devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"product_id": "devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/server-rhel8\u0026tag=3.16-14"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"product": {
"name": "devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"product_id": "devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel8\u0026tag=3.16-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"product": {
"name": "devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"product_id": "devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-rhel8\u0026tag=3.16-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le"
},
"product_reference": "devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64"
},
"product_reference": "devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x"
},
"product_reference": "devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le"
},
"product_reference": "devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64"
},
"product_reference": "devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x"
},
"product_reference": "devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64"
},
"product_reference": "devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x"
},
"product_reference": "devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le"
},
"product_reference": "devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64"
},
"product_reference": "devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le"
},
"product_reference": "devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x"
},
"product_reference": "devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x"
},
"product_reference": "devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le"
},
"product_reference": "devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64"
},
"product_reference": "devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64"
},
"product_reference": "devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64"
},
"product_reference": "devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le"
},
"product_reference": "devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x"
},
"product_reference": "devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64"
},
"product_reference": "devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le"
},
"product_reference": "devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x"
},
"product_reference": "devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64"
},
"product_reference": "devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x"
},
"product_reference": "devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le"
},
"product_reference": "devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x"
},
"product_reference": "devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64"
},
"product_reference": "devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le"
},
"product_reference": "devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x"
},
"product_reference": "devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64"
},
"product_reference": "devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le"
},
"product_reference": "devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le"
},
"product_reference": "devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x"
},
"product_reference": "devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"relates_to_product_reference": "8Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
},
"product_reference": "devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64",
"relates_to_product_reference": "8Base-RHOSDS-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-0341",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2022-10-13T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2154086"
}
],
"notes": [
{
"category": "description",
"text": "In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-171980069",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "okhttp: information disclosure via improperly used cryptographic function",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le"
],
"known_not_affected": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-0341"
},
{
"category": "external",
"summary": "RHBZ#2154086",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2154086"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-0341",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-0341"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-0341",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-0341"
},
{
"category": "external",
"summary": "https://source.android.com/security/bulletin/2021-02-01",
"url": "https://source.android.com/security/bulletin/2021-02-01"
}
],
"release_date": "2021-02-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-12T21:30:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "okhttp: information disclosure via improperly used cryptographic function"
},
{
"cve": "CVE-2023-3635",
"cwe": {
"id": "CWE-248",
"name": "Uncaught Exception"
},
"discovery_date": "2023-07-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2229295"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in SquareUp Okio. A class GzipSource does not handle an exception that might be raised when parsing a malformed gzip buffer. This issue may allow a malicious user to start processing a malformed file, which can result in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "okio: GzipSource class improper exception handling",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat JBoss Enterprise Application Platform XP does contain Okio package but is not using GzipSource.java, which is the affected class.\nRed Hat support for Spring Boot is considered low impact as it\u0027s used by Dekorate during compilation process and not included in the resulting Jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-3635"
},
{
"category": "external",
"summary": "RHBZ#2229295",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2229295"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-3635",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3635"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-3635",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-3635"
}
],
"release_date": "2023-07-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-12T21:30:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "okio: GzipSource class improper exception handling"
},
{
"cve": "CVE-2024-6345",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2024-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2297771"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the package_index module of pypa/setuptools. Affected versions of this package allow remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack does not include setuptools. The ImcSdk component uses it only during compile time in our build systems, and we do not support recompiling SRPMs. As a result, Red Hat OpenStack is not affected by this flaw.\n\nPython 2.7.18 was marked End of Life on 04/20/2020. No patches for Python 2 would be made available.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-6345"
},
{
"category": "external",
"summary": "RHBZ#2297771",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297771"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6345"
},
{
"category": "external",
"summary": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0",
"url": "https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5",
"url": "https://huntr.com/bounties/d6362117-ad57-4e83-951f-b8141c6e7ca5"
}
],
"release_date": "2024-07-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-12T21:30:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "pypa/setuptools: Remote code execution via download functions in the package_index module in pypa/setuptools"
},
{
"cve": "CVE-2024-22234",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2024-02-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265172"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Spring Security. This issue may lead to Broken Access Control, allowing a malicious user to impact the Confidentiality and Integrity of an application or server. This requires the application to use AuthenticationTrustResolver.isFullyAuthenticated(Authentication) directly and have a null authentication parameter passed to it, resulting in an erroneous true return value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "spring-security: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as a Moderate impact since it requires the malicious user to have knowledge of how a server implements the authentication resolver from Spring Security. A validation is also suggested to make sure there are no null parameters and no erroneous true is triggered from this method.\n\nAn application is not vulnerable if any of the following are true:\n- The application does not use AuthenticationTrustResolver.isFullyAuthenticated(Authentication) directly\n- The application does not pass null to AuthenticationTrustResolver.isFullyAuthenticated\n- The application only uses isFullyAuthenticated via Method Security or HTTP Request Security",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le"
],
"known_not_affected": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-22234"
},
{
"category": "external",
"summary": "RHBZ#2265172",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265172"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-22234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22234"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22234",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22234"
},
{
"category": "external",
"summary": "https://spring.io/security/cve-2024-22234",
"url": "https://spring.io/security/cve-2024-22234"
}
],
"release_date": "2024-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-12T21:30:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
},
{
"category": "workaround",
"details": "Make sure the application is not vulnerable according to the description bullet points mentioned in this page.",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "spring-security: Broken Access Control in Spring Security With Direct Use of isFullyAuthenticated"
},
{
"cve": "CVE-2024-30260",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2273522"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the nodejs-undici package. Proxy-Authorization headers are not cleared on cross-origin redirects, which can allow for the exposure of sensitive data or allow an attacker to capture the persistent proxy-authentication header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-undici: proxy-authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le"
],
"known_not_affected": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30260"
},
{
"category": "external",
"summary": "RHBZ#2273522",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273522"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30260"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30260",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30260"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-12T21:30:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-undici: proxy-authorization header not cleared on cross-origin redirect for dispatch, request, stream, pipeline"
},
{
"cve": "CVE-2024-30261",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2024-04-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2273519"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the nodejs-undici package. This issue may allow an attacker to alter the integrity option passed to fetch(), allowing fetch() to accept requests as valid even if they have been tampered with.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "nodejs-undici: fetch() with integrity option is too lax when algorithm is specified but hash value is in incorrect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le"
],
"known_not_affected": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-30261"
},
{
"category": "external",
"summary": "RHBZ#2273519",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273519"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-30261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30261"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-30261",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-30261"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-12T21:30:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "nodejs-undici: fetch() with integrity option is too lax when algorithm is specified but hash value is in incorrect"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le"
],
"known_not_affected": [
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-12T21:30:49+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:6667"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:041378931ee0602b7bacc1b1a469e9bac97cdb77c73249e7ed6b1ab22d63a73e_ppc64le",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7c44847ee88c3ca6b55302fdd28a9fc643f32213ce47a43f7d34d72e1fb56cd4_amd64",
"8Base-RHOSDS-3:devspaces/code-rhel8@sha256:7cbaeaa9210ac27b797bf14b81d77cd2ee90fc0e346320f9c914f6718bf60612_s390x",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:15bba1a42e790bad55c8290712b3f36abb45975dd793fc107cda8baeb19db5f8_ppc64le",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:65a064cf2946861ba6b00d3ed60d399b3c37273d8dca7cda0fb4f969657f9a64_amd64",
"8Base-RHOSDS-3:devspaces/configbump-rhel8@sha256:edac785793c2b5e87d0f7ffeea7bf5129f4958189591e78619f94df7903bd8af_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:8ec2a46b1ecf52e944e7ee44bf8275b72f09c71c48d93ee8220f09b3df013f09_amd64",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:9fa9ef8ccbf060e44bee2650980acd58db5b8ab7a75321dcc5a015774a4d0d9b_s390x",
"8Base-RHOSDS-3:devspaces/dashboard-rhel8@sha256:eccc09d2f5ebcca7748048c68ff36663b07bbf77db698dabb1208532c2ced7a6_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:124f570a143c892b2a50a3c8d451978d0127eefdf7905cfd6684110b2bbe283b_amd64",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:88bf479fe7aed60a3699ff6ddbec895515497cf4a4598e4535d2ece9ab3d403f_ppc64le",
"8Base-RHOSDS-3:devspaces/devfileregistry-rhel8@sha256:9aa2faf93b2dad63b141578afd220505c2f091c3498230b2fcc12827f3b87936_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:6c28b6264a66507e2d73500ad8f4c78163e450557bed1eea8cdc964e0233aee5_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a58107d4a183fc02637b9f04ca63e71ec61ff93a6f098616bae7c3c8e7488faa_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dcd45d89d8e8a7ab39a1ad2832f97ff46e8b1748991f32b2801eaad9f6eff8ba_amd64",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:2d19a94c9ed47a01cfbacdb6f555b748b2dfb5f789eb74a44b6e88ddf34e6ad2_s390x",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:7b9ffae5f1155a111ded6d4da37e2f1cf7252e01399b8af219c4005fdae08433_ppc64le",
"8Base-RHOSDS-3:devspaces/devspaces-rhel8-operator@sha256:95ebe1eee34c39cb97ee35f587be06c801bc1df2799ff22957850484a374eef3_amd64",
"8Base-RHOSDS-3:devspaces/idea-rhel8@sha256:5900bae4a8f3937cc2cbe18fe3f9a0e67f9fbe45698a489be10ade4898654512_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:1a60b0526a5a224f3459a2543a126196e023cb72766459240cadb330552e135c_amd64",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:6d7ec3176c60abff3cb7dc0c42f01de3422279830992036eabd2ba4cc7239244_ppc64le",
"8Base-RHOSDS-3:devspaces/imagepuller-rhel8@sha256:ce32303628b801de3c130ecf8dcd182fd242f269864879ddd0ddf43f83f4b76a_s390x",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:050219134f2c59c7be2109eb20e75dae9d92b930844afe794cee6a8e7751b724_amd64",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:16dec22235b1cc87f280b78f9f96842aa3980c3c3a76bf6aeb73ab0c02b198f7_ppc64le",
"8Base-RHOSDS-3:devspaces/machineexec-rhel8@sha256:bd454a1865e6b140fa803c6009624db373b38859ea33f12fcd5a23ab90e19b81_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:2f4ce15fd04dc92de55196f24faf69c34d17c972f8b031a9563fe6970ef92639_amd64",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:3842954883b1bded547b0026745b5c103321a90ae1902bcdb37705a1986cf9c8_s390x",
"8Base-RHOSDS-3:devspaces/pluginregistry-rhel8@sha256:71a8618a93f82f437c726f649fc7de98465482e21b77ea06c272d29ef02fed16_ppc64le",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:324aa225723803002a2380488b075451cd60a8842946ea2d5159ad4ce2244aaa_s390x",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:72b9652056ada0c3360c4f04d46afde5acdcc06c993cda71f8e1e6aaa79bb235_amd64",
"8Base-RHOSDS-3:devspaces/server-rhel8@sha256:c150d401685f3d7f2bfdd03927591295c8d7f82e6e2bc410cc4dc314f9900e67_ppc64le",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:52ff9a81170acfd97df4451aef4830dd5b7474711233d892888b8424982bd158_s390x",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:67efa1d8929e5f38078357ba1aa17bca1cfa65460f478bafed142afceea0269a_amd64",
"8Base-RHOSDS-3:devspaces/traefik-rhel8@sha256:c26001afd728fa38fe3fd0842a1767d388b789f66b0272c335f0ef6e1e852c64_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:43a9111fa0579cc4ab1dc253077af73fb1e76beb963e99bbfdb30dc57ae3c5ef_ppc64le",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:4be81ccd4ce15e23487a0fcac930141c434f26795f102af608561f6fa4f36661_s390x",
"8Base-RHOSDS-3:devspaces/udi-rhel8@sha256:82b9a9f22dfbd69356aaf5b8c4cbfb7931974dbfe993ac5a0d35b952dcff96ef_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:7164
Vulnerability from csaf_redhat - Published: 2024-09-26 03:46 - Updated: 2026-06-02 23:03Summary
Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.4 security and bug fix update
Severity
Important
Notes
Topic: The Migration Toolkit for Containers (MTC) 1.8.4 is now available.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
Security Fix(es) from Bugzilla:
* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)
* webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)
* express: cause malformed URLs to be evaluated (CVE-2024-29041)
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)
* jose-go: improper handling of highly compressed data (CVE-2024-28180)
* follow-redirects: Possible credential leak (CVE-2024-28849)
* moby: external DNS requests from 'internal' networks could lead to data exfiltration (CVE-2024-29018)
* containers/image: digest type does not guarantee valid type (CVE-2024-3727)
* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)
* braces: fails to limit the number of characters it can handle (CVE-2024-4068)
* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the gin-gonic CORS middleware. Affected versions of this package are vulnerable to an Origin Validation Error due to the mishandling of wildcard characters at the end of an origin string. This flaw could allow an attacker to bypass intended CORS restrictions by crafting origin strings that exploit this wildcard handling.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go's net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as "Authorization" or "Cookie". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.
5.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
8.3 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.
4.3 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in ISAACS's node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
6.5 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A vulnerability was found in Moby due to excessive data output in external DNS requests from "internal" networks, enabling unauthorized access to sensitive system information by remote attackers. This flaw allows attackers to gain access to sensitive information by exploiting incorrect resource transfer between spheres through specially crafted requests.
5.9 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — | ||
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Threats
Impact
Moderate
A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.
6.1 (Medium)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer's machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.
7.4 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 | — |
Workaround
|
Threats
Impact
Important
References
103 references
Acknowledgments
nowotarski.info
Bartek Nowotarski
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "The Migration Toolkit for Containers (MTC) 1.8.4 is now available.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS (CVE-2023-45288)\n\n* webpack-dev-middleware: lack of URL validation may lead to file leak (CVE-2024-29180)\n\n* express: cause malformed URLs to be evaluated (CVE-2024-29041)\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289)\n\n* jose-go: improper handling of highly compressed data (CVE-2024-28180)\n\n* follow-redirects: Possible credential leak (CVE-2024-28849)\n\n* moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration (CVE-2024-29018)\n\n* containers/image: digest type does not guarantee valid type (CVE-2024-3727)\n\n* golang: net: malformed DNS message can cause infinite loop (CVE-2024-24788)\n\n* braces: fails to limit the number of characters it can handle (CVE-2024-4068)\n\n* node-tar: denial of service while parsing a tar file due to lack of folders depth validation (CVE-2024-28863)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:7164",
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "2270591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270591"
},
{
"category": "external",
"summary": "2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "2295302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295302"
},
{
"category": "external",
"summary": "2299624",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299624"
},
{
"category": "external",
"summary": "2299625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299625"
},
{
"category": "external",
"summary": "2299628",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299628"
},
{
"category": "external",
"summary": "2299668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2299668"
},
{
"category": "external",
"summary": "MIG-1592",
"url": "https://issues.redhat.com/browse/MIG-1592"
},
{
"category": "external",
"summary": "MIG-1593",
"url": "https://issues.redhat.com/browse/MIG-1593"
},
{
"category": "external",
"summary": "MIG-1598",
"url": "https://issues.redhat.com/browse/MIG-1598"
},
{
"category": "external",
"summary": "MIG-1610",
"url": "https://issues.redhat.com/browse/MIG-1610"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_7164.json"
}
],
"title": "Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.8.4 security and bug fix update",
"tracking": {
"current_release_date": "2026-06-02T23:03:03+00:00",
"generator": {
"date": "2026-06-02T23:03:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:7164",
"initial_release_date": "2024-09-26T03:46:53+00:00",
"revision_history": [
{
"date": "2024-09-26T03:46:53+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-09-26T03:46:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T23:03:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-RHMTC-1.8",
"product": {
"name": "8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhmt:1.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Migration Toolkit"
},
{
"branches": [
{
"category": "product_version",
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product_id": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-controller-rhel8\u0026tag=v1.8.4-22"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product_id": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-hook-runner-rhel8\u0026tag=v1.8.4-8"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product_id": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-log-reader-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product_id": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-must-gather-rhel8\u0026tag=v1.8.4-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product_id": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-openvpn-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product_id": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rhel8-operator\u0026tag=v1.8.4-16"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product_id": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-operator-bundle\u0026tag=v1.8.4-33"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product_id": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-registry-rhel8\u0026tag=v1.8.4-11"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product_id": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-rsync-transfer-rhel8\u0026tag=v1.8.4-9"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product_id": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-ui-rhel8\u0026tag=v1.8.4-10"
}
}
},
{
"category": "product_version",
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product_id": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9?arch=amd64\u0026repository_url=registry.redhat.io/rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8\u0026tag=v1.8.4-9"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
},
"product_reference": "rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64"
},
"product_reference": "rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64"
},
"product_reference": "rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64"
},
"product_reference": "rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64"
},
"product_reference": "rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64"
},
"product_reference": "rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
},
"product_reference": "rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64"
},
"product_reference": "rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64"
},
"product_reference": "rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
},
"product_reference": "rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64 as a component of 8Base-RHMTC-1.8",
"product_id": "8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
},
"product_reference": "rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64",
"relates_to_product_reference": "8Base-RHMTC-1.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25211",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"discovery_date": "2024-07-02T21:00:45+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2295302"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the gin-gonic CORS middleware. Affected versions of this package are vulnerable to an Origin Validation Error due to the mishandling of wildcard characters at the end of an origin string. This flaw could allow an attacker to bypass intended CORS restrictions by crafting origin strings that exploit this wildcard handling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-25211"
},
{
"category": "external",
"summary": "RHBZ#2295302",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295302"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-25211",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25211"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25211",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25211"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-869c-j7wc-8jqv",
"url": "https://github.com/advisories/GHSA-869c-j7wc-8jqv"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d",
"url": "https://github.com/gin-contrib/cors/commit/27b723a473efd80d5a498fa9f5933c80204c850d"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0",
"url": "https://github.com/gin-contrib/cors/compare/v1.5.0...v1.6.0"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/pull/106",
"url": "https://github.com/gin-contrib/cors/pull/106"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/pull/57",
"url": "https://github.com/gin-contrib/cors/pull/57"
},
{
"category": "external",
"summary": "https://github.com/gin-contrib/cors/releases/tag/v1.6.0",
"url": "https://github.com/gin-contrib/cors/releases/tag/v1.6.0"
}
],
"release_date": "2024-07-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/gin-contrib/cors: Gin mishandles a wildcard in the origin string in github.com/gin-contrib/cors"
},
{
"acknowledgments": [
{
"names": [
"Bartek Nowotarski"
],
"organization": "nowotarski.info"
}
],
"cve": "CVE-2023-45288",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268273"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered with the implementation of the HTTP/2 protocol in the Go programming language. There were insufficient limitations on the amount of CONTINUATION frames sent within a single stream. An attacker could potentially exploit this to cause a Denial of Service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates the security impact of this vulnerability as Important due to the worst case scenario resulting in a denial of service. It is simple to exploit, could significantly impact availability, and there is not a suitable mitigation for all use cases. Once an attack has ended, the system should return to normal operations on its own.\n\nThis vulnerability only impacts servers which have HTTP/2 enabled. It stems from an imperfect definition of the protocol. As the Go programming language is widely utilized across nearly every major Red Hat offering, a full listing of impacted packages will not be provided. Therefore, the \u201cAffected Packages and Issued Red Hat Security Errata\u201d section contains a simplified list of what offerings need to remediate this vulnerability. Every impacted offering has at least one representative component listed, but potentially not all of them. Rest assured that Red Hat is committed to remediating this vulnerability across our entire portfolio.\n\nMany components are rated as Low impact due to configurations which reduce the attack surface or significantly increase the difficulty of exploitation. A summary of these scenarios are:\n* The container includes a package that provides a vulnerable webserver, but it is not used or running during operation\n* HTTP/2 is disabled by default and is not supported\n* Only a client implementation is provided, which is not vulnerable\n* A vulnerable module (either golang.org/net/http or golang.org/x/net/http2) is included, but disabled\n* Access to a vulnerable server is restricted within the container (loopback only connections)\n* Golang is available in the container but is not used\n\n\nWithin the Red Hat OpenShift Container Platform, the majority of vulnerable components are not externally accessible. This means an attacker must already have access to a container within your environment to exploit this vulnerability. However, the ose-hyperkube (openshift-enterprise-hyperkube) container is externally accessible, so there are less barriers to exploitation. Fixes for this specific container are already available.\n\nWithin Red Hat Ansible Automation Platform, the impacted component is Receptor. The impact has been reduced to Low as the vulnerable code is present, but not utilized. There are three potential exposures within this component:\n* Receptor utilizes QUIC a UDP based protocol which does not run over HTTP/2\n* Receptor utilizes the x/net/ipv4 and ipv6 packages, both of which are not affected",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "RHBZ#2268273",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268273"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45288"
},
{
"category": "external",
"summary": "https://nowotarski.info/http2-continuation-flood/",
"url": "https://nowotarski.info/http2-continuation-flood/"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2687",
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
},
{
"category": "external",
"summary": "https://www.kb.cert.org/vuls/id/421644",
"url": "https://www.kb.cert.org/vuls/id/421644"
}
],
"release_date": "2024-04-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "In some environments where http/2 support is not required, it may be possible to disable this feature to reduce risk.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS"
},
{
"cve": "CVE-2023-45289",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-05T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268018"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s net/http/cookiejar standard library package. When following an HTTP redirect to a domain that is not a subdomain match or an exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "RHBZ#2268018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-45289",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45289"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-45289"
}
],
"release_date": "2024-03-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect"
},
{
"cve": "CVE-2024-3727",
"cwe": {
"id": "CWE-354",
"name": "Improper Validation of Integrity Check Value"
},
"discovery_date": "2024-04-12T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2274767"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "containers/image: digest type does not guarantee valid type",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Some conditions are necessary for this attack to occur, such as the attacker being able to upload malicious images to the registry and persuade a victim to pull them. Hence, the severity of this flaw was rated as Moderate.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-3727"
},
{
"category": "external",
"summary": "RHBZ#2274767",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-3727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3727"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-3727"
}
],
"release_date": "2024-05-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "containers/image: digest type does not guarantee valid type"
},
{
"cve": "CVE-2024-4068",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2024-05-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2280600"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the NPM package `braces.` It fails to limit the number of characters it can handle, which could lead to memory exhaustion. In `lib/parse.js,` if a malicious user sends \"imbalanced braces\" as input, the parsing will enter a loop, causing the program to start allocating heap memory without freeing it at any moment of the loop. Eventually, the JavaScript heap limit is reached, and the program will crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "braces: fails to limit the number of characters it can handle",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-4068"
},
{
"category": "external",
"summary": "RHBZ#2280600",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280600"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-4068"
},
{
"category": "external",
"summary": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/",
"url": "https://devhub.checkmarx.com/cve-details/CVE-2024-4068/"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308",
"url": "https://github.com/micromatch/braces/blob/98414f9f1fabe021736e26836d8306d5de747e0d/lib/parse.js#L308"
},
{
"category": "external",
"summary": "https://github.com/micromatch/braces/issues/35",
"url": "https://github.com/micromatch/braces/issues/35"
}
],
"release_date": "2024-03-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "braces: fails to limit the number of characters it can handle"
},
{
"cve": "CVE-2024-24788",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2024-05-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2279814"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net package of the Go stdlib. When a malformed DNS message is received as a response to a query, the Lookup functions within the net package can get stuck in an infinite loop. This issue can lead to resource exhaustion and denial of service (DoS) conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net: malformed DNS message can cause infinite loop",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "RHBZ#2279814",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279814"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24788"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-2824",
"url": "https://pkg.go.dev/vuln/GO-2024-2824"
}
],
"release_date": "2024-05-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: net: malformed DNS message can cause infinite loop"
},
{
"cve": "CVE-2024-28180",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268854"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Jose due to improper handling of highly compressed data. This issue could allow an attacker to send a JWE containing compressed data that uses large amounts of memory and CPU when decompressed by Decrypt or DecryptMulti.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose-go: improper handling of highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28180"
},
{
"category": "external",
"summary": "RHBZ#2268854",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268854"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28180"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-c5q2-7r4c-mv6g"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose-go: improper handling of highly compressed data"
},
{
"cve": "CVE-2024-28849",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2024-03-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2269576"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the follow-redirects package. While processing the cross-domain redirection, `follow-redirects` clears authorization headers, however, it misses clearing proxy-authentication headers, which contain credentials as well. This issue may lead to credential leaking, having a high impact on data confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "follow-redirects: Possible credential leak",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28849"
},
{
"category": "external",
"summary": "RHBZ#2269576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269576"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28849"
},
{
"category": "external",
"summary": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp",
"url": "https://github.com/follow-redirects/follow-redirects/security/advisories/GHSA-cxjh-pqwp-8mfp"
}
],
"release_date": "2024-03-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "follow-redirects: Possible credential leak"
},
{
"cve": "CVE-2024-28863",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-06-20T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2293200"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in ISAACS\u0027s node-tar, where it is vulnerable to a denial of service, caused by the lack of folder count validation. The vulnerability exists due to the application not properly controlling the consumption of internal resources while parsing a tar file. By sending a specially crafted request, a remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28863"
},
{
"category": "external",
"summary": "RHBZ#2293200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28863"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36",
"url": "https://github.com/isaacs/node-tar/security/advisories/GHSA-f5x3-32g6-xq36"
},
{
"category": "external",
"summary": "https://security.netapp.com/advisory/ntap-20240524-0005/",
"url": "https://security.netapp.com/advisory/ntap-20240524-0005/"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-tar: denial of service while parsing a tar file due to lack of folders depth validation"
},
{
"cve": "CVE-2024-29018",
"cwe": {
"id": "CWE-669",
"name": "Incorrect Resource Transfer Between Spheres"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270591"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Moby due to excessive data output in external DNS requests from \"internal\" networks, enabling unauthorized access to sensitive system information by remote attackers. This flaw allows attackers to gain access to sensitive information by exploiting incorrect resource transfer between spheres through specially crafted requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29018"
},
{
"category": "external",
"summary": "RHBZ#2270591",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270591"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29018",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29018"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/pull/46609",
"url": "https://github.com/moby/moby/pull/46609"
},
{
"category": "external",
"summary": "https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx",
"url": "https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx"
}
],
"release_date": "2024-03-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "moby: external DNS requests from \u0027internal\u0027 networks could lead to data exfiltration"
},
{
"cve": "CVE-2024-29041",
"cwe": {
"id": "CWE-601",
"name": "URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)"
},
"discovery_date": "2024-06-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2290901"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Express.js minimalist web framework for node. Upstream versions of Express.js before 4.19.0 and all pre-release alpha and beta versions of 5.0 are affected by an open redirect vulnerability using malformed URLs. When a user of Express performs a redirect using a user-provided URL, Express performs an encode [using `encodeurl`](https://github.com/pillarjs/encodeurl) on the contents before passing it to the `location` header. This issue can cause malformed URLs to be evaluated in unexpected ways by common redirect allow list implementations in Express applications, leading to an Open Redirect via bypass of a properly implemented allow list. The main method impacted is `res.location()`, but this is also called from within `res.redirect()`. The vulnerability is fixed in upstream version 4.19.2 and 5.0.0-beta.3.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: cause malformed URLs to be evaluated",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Fuse 7 only uses express as part of build time development dependency, it is not part of the final product delivery.\n\nUpstream versions should not be relied upon for ultimate determination of affectedness. Red Hat might backport fixes from upstream versions on a case by case basis.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29041"
},
{
"category": "external",
"summary": "RHBZ#2290901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2290901"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29041"
},
{
"category": "external",
"summary": "https://expressjs.com/en/4x/api.html#res.location",
"url": "https://expressjs.com/en/4x/api.html#res.location"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd",
"url": "https://github.com/expressjs/express/commit/0867302ddbde0e9463d0564fea5861feb708c2dd"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94",
"url": "https://github.com/expressjs/express/commit/0b746953c4bd8e377123527db11f9cd866e39f94"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/pull/5539",
"url": "https://github.com/expressjs/express/pull/5539"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc"
},
{
"category": "external",
"summary": "https://github.com/koajs/koa/issues/1800",
"url": "https://github.com/koajs/koa/issues/1800"
}
],
"release_date": "2024-03-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "express: cause malformed URLs to be evaluated"
},
{
"cve": "CVE-2024-29180",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-03-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2270863"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the webpack-dev-middleware package, where it failed to validate the supplied URL address sufficiently before returning local files. This flaw allows an attacker to craft URLs to return arbitrary local files from the developer\u0027s machine. The lack of normalization before calling the middleware also allows the attacker to perform path traversal attacks on the target environment.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack-dev-middleware: lack of URL validation may lead to file leak",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in webpack-dev represents a important security issue due to its potential to expose sensitive files and compromise developer machines. By failing to validate URLs and normalize paths effectively, the middleware allows attackers to craft malicious requests that can retrieve arbitrary local files or perform unauthorized path traversal. This could lead to unauthorized access to confidential information, including source code, configuration files, and even system-level files. Given the widespread use of webpack-dev-middleware in web development environments, addressing this vulnerability promptly is important to prevent serious data breaches and protect the integrity of development processes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-29180"
},
{
"category": "external",
"summary": "RHBZ#2270863",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270863"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-29180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-29180"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6",
"url": "https://github.com/webpack/webpack-dev-middleware/security/advisories/GHSA-wr3j-pwj9-hqq6"
}
],
"release_date": "2024-03-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "webpack-dev-middleware: lack of URL validation may lead to file leak"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"known_not_affected": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-09-26T03:46:53+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:7164"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHMTC-1.8:rhmtc/openshift-migration-controller-rhel8@sha256:a4025dfcd79bcb22e2ab91e1bc027c200f9c2741ed2c3a576a64cb24084c584e_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-hook-runner-rhel8@sha256:419c11ecd25664d16f77aec6589c9fa183832947766f75575dfab4bc059fe876_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-log-reader-rhel8@sha256:6886c4d68d7c6100b5eb7239ae8ce14871403a71ce69b35c42c0ce238b32ff87_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-must-gather-rhel8@sha256:08bb8048bb9fc00ba84e846fce7ce3e37506fbadf077b487c1d3d2dd607b2277_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-openvpn-rhel8@sha256:1e0cf80fab89615624cf7f9f62e72e161af4143ed1d6245db45f09ba8382dbc4_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-operator-bundle@sha256:9616b52c1d745b7bf37c0237a6cd2cde9a1d9e8dbfdb5e5cb49504805e706065_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-registry-rhel8@sha256:c7f229ac51306d667f9b766fb1a464686fa47eb06d5658dbe4977e25b4877b20_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rhel8-operator@sha256:79c957509adaff575917d1e70ec25965a4230c0a2deb9cd9007089dfc3ec39cc_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-rsync-transfer-rhel8@sha256:b556472a46fbac2508b8f36b975c8fdb26a77a2fc8bd43b2667f9151bf1cbc3f_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-ui-rhel8@sha256:db4903f395697e2eb244a0251ec1a5f89b12434501cb56889f2af37770f95f58_amd64",
"8Base-RHMTC-1.8:rhmtc/openshift-migration-velero-plugin-for-mtc-rhel8@sha256:8765eb907963a6677c1af44dee1168d635d243824396f73c829697b1582046e9_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
}
]
}
RHSA-2024:8014
Vulnerability from csaf_redhat - Published: 2024-10-22 01:05 - Updated: 2026-06-02 17:43Summary
Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift
Severity
Important
Notes
Topic: Network Observability 1.7 for Red Hat OpenShift
Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
Details: Network Observability 1.7.0
Security Fix(es):
* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)
* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)
* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)
* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)
* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)
* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)
* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)
* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)
* Network Observability: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.
5.9 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
7.5 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.
5.9 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.
6.1 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.
5.0 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.
5.0 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().
5.0 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.
7.5 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.
7.0 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
115 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Network Observability 1.7 for Red Hat OpenShift\n\nRed Hat Product Security has rated this update as having a security impact of\nImportant. A Common Vulnerability Scoring System (CVSS) base score, which gives\na detailed severity rating, is available for each vulnerability from the CVE\nlink(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Network Observability 1.7.0\n\nSecurity Fix(es):\n\n* Network Observability: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n* Network Observability: XSS vulnerability via prototype pollution (CVE-2024-45801)\n* Network Observability: axios: Server-Side Request Forgery (CVE-2024-39338)\n* Network Observability: Denial of Service Vulnerability in body-parser (CVE-2024-45590)\n* Network Observability: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n* Network Observability: Backtracking regular expressions cause ReDoS (CVE-2024-45296)\n* Network Observability: Improper Input Handling in Express Redirects (CVE-2024-43796)\n* Network Observability: Improper Sanitization in serve-static (CVE-2024-43800)\n* Network Observability: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)\n* Network Observability: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)\n* Network Observability: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8014",
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "NETOBSERV-1377",
"url": "https://issues.redhat.com/browse/NETOBSERV-1377"
},
{
"category": "external",
"summary": "NETOBSERV-1509",
"url": "https://issues.redhat.com/browse/NETOBSERV-1509"
},
{
"category": "external",
"summary": "NETOBSERV-1538",
"url": "https://issues.redhat.com/browse/NETOBSERV-1538"
},
{
"category": "external",
"summary": "NETOBSERV-1540",
"url": "https://issues.redhat.com/browse/NETOBSERV-1540"
},
{
"category": "external",
"summary": "NETOBSERV-1564",
"url": "https://issues.redhat.com/browse/NETOBSERV-1564"
},
{
"category": "external",
"summary": "NETOBSERV-163",
"url": "https://issues.redhat.com/browse/NETOBSERV-163"
},
{
"category": "external",
"summary": "NETOBSERV-1666",
"url": "https://issues.redhat.com/browse/NETOBSERV-1666"
},
{
"category": "external",
"summary": "NETOBSERV-1667",
"url": "https://issues.redhat.com/browse/NETOBSERV-1667"
},
{
"category": "external",
"summary": "NETOBSERV-1733",
"url": "https://issues.redhat.com/browse/NETOBSERV-1733"
},
{
"category": "external",
"summary": "NETOBSERV-1746",
"url": "https://issues.redhat.com/browse/NETOBSERV-1746"
},
{
"category": "external",
"summary": "NETOBSERV-1748",
"url": "https://issues.redhat.com/browse/NETOBSERV-1748"
},
{
"category": "external",
"summary": "NETOBSERV-1753",
"url": "https://issues.redhat.com/browse/NETOBSERV-1753"
},
{
"category": "external",
"summary": "NETOBSERV-1766",
"url": "https://issues.redhat.com/browse/NETOBSERV-1766"
},
{
"category": "external",
"summary": "NETOBSERV-1779",
"url": "https://issues.redhat.com/browse/NETOBSERV-1779"
},
{
"category": "external",
"summary": "NETOBSERV-1783",
"url": "https://issues.redhat.com/browse/NETOBSERV-1783"
},
{
"category": "external",
"summary": "NETOBSERV-1788",
"url": "https://issues.redhat.com/browse/NETOBSERV-1788"
},
{
"category": "external",
"summary": "NETOBSERV-1798",
"url": "https://issues.redhat.com/browse/NETOBSERV-1798"
},
{
"category": "external",
"summary": "NETOBSERV-1805",
"url": "https://issues.redhat.com/browse/NETOBSERV-1805"
},
{
"category": "external",
"summary": "NETOBSERV-1806",
"url": "https://issues.redhat.com/browse/NETOBSERV-1806"
},
{
"category": "external",
"summary": "NETOBSERV-1808",
"url": "https://issues.redhat.com/browse/NETOBSERV-1808"
},
{
"category": "external",
"summary": "NETOBSERV-1811",
"url": "https://issues.redhat.com/browse/NETOBSERV-1811"
},
{
"category": "external",
"summary": "NETOBSERV-1812",
"url": "https://issues.redhat.com/browse/NETOBSERV-1812"
},
{
"category": "external",
"summary": "NETOBSERV-1813",
"url": "https://issues.redhat.com/browse/NETOBSERV-1813"
},
{
"category": "external",
"summary": "NETOBSERV-1816",
"url": "https://issues.redhat.com/browse/NETOBSERV-1816"
},
{
"category": "external",
"summary": "NETOBSERV-1819",
"url": "https://issues.redhat.com/browse/NETOBSERV-1819"
},
{
"category": "external",
"summary": "NETOBSERV-1848",
"url": "https://issues.redhat.com/browse/NETOBSERV-1848"
},
{
"category": "external",
"summary": "NETOBSERV-1884",
"url": "https://issues.redhat.com/browse/NETOBSERV-1884"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8014.json"
}
],
"title": "Red Hat Security Advisory: Network Observability 1.7.0 for OpenShift",
"tracking": {
"current_release_date": "2026-06-02T17:43:36+00:00",
"generator": {
"date": "2026-06-02T17:43:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8014",
"initial_release_date": "2024-10-22T01:05:39+00:00",
"revision_history": [
{
"date": "2024-10-22T01:05:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-22T01:05:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:43:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NETOBSERV 1.7 for RHEL 9",
"product": {
"name": "NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_observ_optr:1.7.0::el9"
}
}
}
],
"category": "product_family",
"name": "Network Observability"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba?arch=amd64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_id": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a?arch=ppc64le\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_id": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080?arch=arm64\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_id": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-cli-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_id": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-console-plugin-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_id": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-ebpf-agent-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_id": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-flowlogs-pipeline-rhel9\u0026tag=v1.7.0-67"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_id": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-operator-bundle\u0026tag=1.7.0-86"
}
}
},
{
"category": "product_version",
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_id": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"product_identification_helper": {
"purl": "pkg:oci/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134?arch=s390x\u0026repository_url=registry.redhat.io/network-observability/network-observability-rhel9-operator\u0026tag=v1.7.0-67"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64"
},
"product_reference": "network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64"
},
"product_reference": "network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64"
},
"product_reference": "network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le"
},
"product_reference": "network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le"
},
"product_reference": "network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64 as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le as a component of NETOBSERV 1.7 for RHEL 9",
"product_id": "9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
},
"product_reference": "network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le",
"relates_to_product_reference": "9Base-NETWORK-OBSERVABILITY-1.7.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:06.929766+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310527"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/parser package of the Golang standard library. Calling any Parse functions on Go source code containing deeply nested literals can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "RHBZ#2310527",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310527"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34155",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34155"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34155"
},
{
"category": "external",
"summary": "https://go.dev/cl/611238",
"url": "https://go.dev/cl/611238"
},
{
"category": "external",
"summary": "https://go.dev/issue/69138",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3105",
"url": "https://pkg.go.dev/vuln/GO-2024-3105"
}
],
"release_date": "2024-09-06T21:15:11.947000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion"
},
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-34158",
"cwe": {
"id": "CWE-1325",
"name": "Improperly Controlled Sequential Memory Allocation"
},
"discovery_date": "2024-09-06T21:20:12.126400+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310529"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the go/build/constraint package of the Golang standard library. Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "RHBZ#2310529",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310529"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34158",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34158"
},
{
"category": "external",
"summary": "https://go.dev/cl/611240",
"url": "https://go.dev/cl/611240"
},
{
"category": "external",
"summary": "https://go.dev/issue/69141",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3107",
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"release_date": "2024-09-06T21:15:12.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "go/build/constraint: golang: Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
},
{
"cve": "CVE-2024-45296",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-09T19:20:18.127723+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310908"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in path-to-regexp package, where it turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single-threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "path-to-regexp: Backtracking regular expressions cause ReDoS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45296"
},
{
"category": "external",
"summary": "RHBZ#2310908",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310908"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45296"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f",
"url": "https://github.com/pillarjs/path-to-regexp/commit/29b96b4a1de52824e1ca0f49a701183cc4ed476f"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6",
"url": "https://github.com/pillarjs/path-to-regexp/commit/60f2121e9b66b7b622cc01080df0aabda9eedee6"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j",
"url": "https://github.com/pillarjs/path-to-regexp/security/advisories/GHSA-9wv6-86v2-598j"
}
],
"release_date": "2024-09-09T19:15:13.330000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "path-to-regexp: Backtracking regular expressions cause ReDoS"
},
{
"cve": "CVE-2024-45590",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2024-09-10T16:20:29.292154+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311171"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in body-parser. This vulnerability causes denial of service via a specially crafted payload when the URL encoding is enabled.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "body-parser: Denial of Service Vulnerability in body-parser",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45590"
},
{
"category": "external",
"summary": "RHBZ#2311171",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311171"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45590"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce",
"url": "https://github.com/expressjs/body-parser/commit/b2695c4450f06ba3b0ccf48d872a229bb41c9bce"
},
{
"category": "external",
"summary": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7",
"url": "https://github.com/expressjs/body-parser/security/advisories/GHSA-qwcr-r2fm-qrc7"
}
],
"release_date": "2024-09-10T16:15:21.083000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "body-parser: Denial of Service Vulnerability in body-parser"
},
{
"cve": "CVE-2024-45801",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2024-09-16T19:20:09.863249+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2312631"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in DOMPurify. This issue may allow an attacker to use specially-crafted HTML to bypass the depth checking or use Prototype Pollution to weaken the depth check, which can lead to cross site scripting (XSS) attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "dompurify: XSS vulnerability via prototype pollution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The vulnerability in DOMPurify, while significant, is categorized as moderate severity rather than important due to its specific conditions for exploitation. The issue requires not only a sophisticated nesting technique to bypass the depth checks but also the ability to leverage Prototype Pollution to weaken these protections. This makes the attack scenario relatively complex and less likely to be encountered in general use cases. Furthermore, the flaw impacts only certain configurations and usage patterns, thus reducing its immediate risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45801"
},
{
"category": "external",
"summary": "RHBZ#2312631",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312631"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45801"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21",
"url": "https://github.com/cure53/DOMPurify/commit/1e520262bf4c66b5efda49e2316d6d1246ca7b21"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc",
"url": "https://github.com/cure53/DOMPurify/commit/26e1d69ca7f769f5c558619d644d90dd8bf26ebc"
},
{
"category": "external",
"summary": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674",
"url": "https://github.com/cure53/DOMPurify/security/advisories/GHSA-mmhx-hmjr-r674"
}
],
"release_date": "2024-09-16T19:16:11.080000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-22T01:05:39+00:00",
"details": "For details on how to apply this update, refer to: \n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:1587047e407a77f7ac1d963cc9bbfdb5c2472554cad8367f0a96a4699528134d_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:7c2c2c0c0c255c1ef1579b63337d35174a330374a7deaff3c3c1e39ff48e89ee_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:bd8b5a7f1f9369c1f6fe3782c79b4145c3467b3f82e083e1eb83d76a8df21fdd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-cli-rhel9@sha256:c469d89f77d04b257c6bf9814a3782540139e35c83ac73c2e5820c20ec2146fd_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:10d159c57623d2e098b401331de93d8d591b78e133785dea89d9694ee76ded0f_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:46cee52d96fee8b3f5cd151c21e5b886841cff53b4d65cb6264d39acd9c6a7cd_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:b811f8d5b133d9a90f575d23f7a91e184ef8b6d640fb0cd7732f155d40f51c86_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-console-plugin-rhel9@sha256:ccf31db5ef85f57422a16a61a5c6aea883396699e1cc8c0f6043d2fc7eb0b8e9_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:8016c95a9891094692764956dc9df211e8a0f8cdcf14e6682565d4c35325e0bf_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:ae64fda5860fa3cbdd9a81d56924cd32d69fbf67804e16cc2e1e5ca6f786dd8b_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:d36488d180acdca0e6b0fbe8dbe77af3464d5b1fc3efc9440ed130fec5e71ebe_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-ebpf-agent-rhel9@sha256:e979023e2e93f1ada9e3fd3e1268b39b4ac1fb9fe51357462e2ac7ddc8c49056_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:54a8042443e480f3543527d6121dbbaab57394554282b8f4fc885a1ba2b28844_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:87f4f7757826faf37710a88be3c2917b855088e02acb73f43eb7a77f61d00d45_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:8bb22f295ec8087a7163997588a4af0dce8f838407aa83f8bd09190a2943ad1e_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-flowlogs-pipeline-rhel9@sha256:b875fece4d49972e278450730f90bb5defa818aa2774dfa0e15d6f36ba50c840_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:268ac72b4a0bf05893cca0924a80ebd2107f3e859329406257da6ce59ec08dfe_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:3a3c70c990bd3a012453857698433d674b98445e55cc9c5c4ed38eea29eb82b1_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:c32c5ec7c6048f652200677c2a9cbde09ed05beeb818e292f21e6a52786b0a02_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-operator-bundle@sha256:ccf531d1181ccd1c6eb9ec45ea20069aa01b2924242596f25e551d055c9a0e1b_ppc64le",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:349de1a5389f131933bf39235705a4aa8137a8d4be561f66aa2b74f986489fba_amd64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:4f9cdf8c1c22a79d0690b18c363ade514262510f5fbb4062746210005e832134_s390x",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:8c5836a79d4f6562ed17db8488422db567f4a920908e1800b770ec04ffa78080_arm64",
"9Base-NETWORK-OBSERVABILITY-1.7.0:network-observability/network-observability-rhel9-operator@sha256:9c2c0e0b8f9c061983f48fca9c18d7a496d38fbc4f8b9274d2fef39a5824c40a_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "dompurify: XSS vulnerability via prototype pollution"
}
]
}
RHSA-2024:8023
Vulnerability from csaf_redhat - Published: 2024-10-14 00:59 - Updated: 2026-06-02 17:43Summary
Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update & enhancements
Severity
Important
Notes
Topic: Release of OpenShift Serverless Logic 1.34.0
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release includes security, bug fixes, and enhancements.
Security Fix(es):
* axios: axios: Server-Side Request Forgery (CVE-2024-39338)
* express: Improper Input Handling in Express Redirects (CVE-2024-43796)
* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)
* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)
* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)
* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)
For more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.
7.5 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.
7.5 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.
6.1 (Medium)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.
5.0 (Medium)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.
5.0 (Medium)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().
5.0 (Medium)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
References
47 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Release of OpenShift Serverless Logic 1.34.0\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release includes security, bug fixes, and enhancements.\n\nSecurity Fix(es):\n\n* axios: axios: Server-Side Request Forgery (CVE-2024-39338)\n\n* express: Improper Input Handling in Express Redirects (CVE-2024-43796)\n\n* io.vertx/vertx-grpc-client: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* io.vertx/vertx-grpc-server: Vertx gRPC server does not limit the maximum message size (CVE-2024-8391)\n\n* send: Code Execution Vulnerability in Send Library (CVE-2024-43799)\n\n* serve-static: Improper Sanitization in serve-static (CVE-2024-43800)\n\n* webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule (CVE-2024-43788)\n\nFor more details about the security issues, including the impact, a CVSS score, acknowledgements, and other related information, refer to the CVE pages listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:8023",
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_8023.json"
}
],
"title": "Red Hat Security Advisory: Release of OpenShift Serverless Logic 1.34.0 security update \u0026 enhancements",
"tracking": {
"current_release_date": "2026-06-02T17:43:36+00:00",
"generator": {
"date": "2026-06-02T17:43:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.1"
}
},
"id": "RHSA-2024:8023",
"initial_release_date": "2024-10-14T00:59:58+00:00",
"revision_history": [
{
"date": "2024-10-14T00:59:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-10-14T00:59:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-02T17:43:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "8Base-Openshift-Serverless-1.34",
"product": {
"name": "8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_serverless:1.34::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Serverless"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_id": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-management-console-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d?arch=amd64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_id": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8\u0026tag=1.34.0-2"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9?arch=arm64\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-ephemeral-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_id": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-data-index-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-ephemeral-rhel8\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_id": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-jobs-service-postgresql-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_id": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-operator-bundle\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_id": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-rhel8-operator\u0026tag=1.34.0-5"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-builder-rhel8\u0026tag=1.34.0-6"
}
}
},
{
"category": "product_version",
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_id": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-serverless-1/logic-swf-devmode-rhel8\u0026tag=1.34.0-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64"
},
"product_reference": "openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64"
},
"product_reference": "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64"
},
"product_reference": "openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64"
},
"product_reference": "openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"relates_to_product_reference": "8Base-RHOSS-1.34"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64 as a component of 8Base-Openshift-Serverless-1.34",
"product_id": "8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
},
"product_reference": "openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64",
"relates_to_product_reference": "8Base-RHOSS-1.34"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-8391",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-09-04T16:20:44.762419+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2309758"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the gRPC server in Eclipse Vert.x, which does not limit the maximum length of the message payload. This may lead to excessive memory consumption in a server or a client, causing a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-8391"
},
{
"category": "external",
"summary": "RHBZ#2309758",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309758"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-8391"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-8391"
},
{
"category": "external",
"summary": "https://github.com/eclipse-vertx/vertx-grpc/issues/113",
"url": "https://github.com/eclipse-vertx/vertx-grpc/issues/113"
},
{
"category": "external",
"summary": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/31"
}
],
"release_date": "2024-09-04T16:15:09.253000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "io.vertx:vertx-grpc-client: io.vertx:vertx-grpc-server: Vertx gRPC server does not limit the maximum message size"
},
{
"cve": "CVE-2024-39338",
"cwe": {
"id": "CWE-918",
"name": "Server-Side Request Forgery (SSRF)"
},
"discovery_date": "2024-08-13T17:21:32.774718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2304369"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in the Axios HTTP Client. It is vulnerable to a server-side request forgery attack (SSRF) caused by unexpected behavior where requests for path-relative URLs get processed as protocol-relative URLs. This flaw allows an attacker to perform arbitrary requests from the server, potentially accessing internal systems or exfiltrating sensitive data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "axios: axios: Server-Side Request Forgery",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as IMPORTANT because it can be exploited remotely with low complexity and without user interaction, it poses a significant risk to confidentiality.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-39338"
},
{
"category": "external",
"summary": "RHBZ#2304369",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2304369"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39338"
},
{
"category": "external",
"summary": "https://github.com/axios/axios/releases",
"url": "https://github.com/axios/axios/releases"
},
{
"category": "external",
"summary": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html",
"url": "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
}
],
"release_date": "2024-08-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "axios: axios: Server-Side Request Forgery"
},
{
"cve": "CVE-2024-43788",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-08-27T17:20:06.890123+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2308193"
}
],
"notes": [
{
"category": "description",
"text": "A DOM Clobbering vulnerability was found in Webpack via `AutoPublicPathRuntimeModule`. DOM Clobbering is a type of code-reuse attack where the attacker first embeds a piece of non-script through seemingly benign HTML markups in the webpage, for example, through a post or comment, and leverages the gadgets (pieces of JS code) living in the existing javascript code to transform it into executable code. This vulnerability can lead to Cross-site scripting (XSS) on websites that include Webpack-generated files and allow users to inject certain scriptless HTML tags with improperly sanitized name or ID attributes.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The severity of this issue is classified as moderate rather than important due to the specific conditions required for exploitation. DOM Clobbering, while serious, can only be leveraged in environments where an attacker has the ability to inject unsanitized HTML attributes (e.g., `name` or `id`) into a web page. This limits the attack surface to applications that improperly sanitize user input and rely on Webpack-generated files. Furthermore, the exploitation depends on existing vulnerabilities in the sanitization process, rather than the direct execution of arbitrary scripts. As a result, while the issue can lead to XSS, its impact is constrained by the contextual requirement of HTML injection, lowering its overall severity compared to more direct XSS vectors.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43788"
},
{
"category": "external",
"summary": "RHBZ#2308193",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308193"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43788"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61",
"url": "https://github.com/webpack/webpack/commit/955e057abc6cc83cbc3fa1e1ef67a49758bf5a61"
},
{
"category": "external",
"summary": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986",
"url": "https://github.com/webpack/webpack/security/advisories/GHSA-4vvj-4cpr-p986"
},
{
"category": "external",
"summary": "https://research.securitum.com/xss-in-amp4email-dom-clobbering",
"url": "https://research.securitum.com/xss-in-amp4email-dom-clobbering"
},
{
"category": "external",
"summary": "https://scnps.co/papers/sp23_domclob.pdf",
"url": "https://scnps.co/papers/sp23_domclob.pdf"
}
],
"release_date": "2024-08-27T17:15:07.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "webpack: DOM Clobbering vulnerability in AutoPublicPathRuntimeModule"
},
{
"cve": "CVE-2024-43796",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:28.106254+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311152"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Express. This vulnerability allows untrusted code execution via passing untrusted user input to response.redirect(), even if the input is sanitized.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "express: Improper Input Handling in Express Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43796"
},
{
"category": "external",
"summary": "RHBZ#2311152",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311152"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43796"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553",
"url": "https://github.com/expressjs/express/commit/54271f69b511fea198471e6ff3400ab805d6b553"
},
{
"category": "external",
"summary": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx",
"url": "https://github.com/expressjs/express/security/advisories/GHSA-qw6h-vgh9-j6wx"
}
],
"release_date": "2024-09-10T15:15:17.510000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "express: Improper Input Handling in Express Redirects"
},
{
"cve": "CVE-2024-43799",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:30.869487+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311153"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Send library. This vulnerability allows remote code execution via untrusted input passed to the SendStream.redirect() function.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "send: Code Execution Vulnerability in Send Library",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43799"
},
{
"category": "external",
"summary": "RHBZ#2311153",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311153"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43799"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35",
"url": "https://github.com/pillarjs/send/commit/ae4f2989491b392ae2ef3b0015a019770ae65d35"
},
{
"category": "external",
"summary": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg",
"url": "https://github.com/pillarjs/send/security/advisories/GHSA-m6fv-jmcg-4jfg"
}
],
"release_date": "2024-09-10T15:15:17.727000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "send: Code Execution Vulnerability in Send Library"
},
{
"cve": "CVE-2024-43800",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2024-09-10T15:30:33.631718+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2311154"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in serve-static. This issue may allow the execution of untrusted code via passing sanitized yet untrusted user input to redirect().",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "serve-static: Improper Sanitization in serve-static",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "rhdh-hub-container 1.2 and 1.3 have included patches for this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-43800"
},
{
"category": "external",
"summary": "RHBZ#2311154",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2311154"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-43800"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b",
"url": "https://github.com/expressjs/serve-static/commit/0c11fad159898cdc69fd9ab63269b72468ecaf6b"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa",
"url": "https://github.com/expressjs/serve-static/commit/ce730896fddce1588111d9ef6fdf20896de5c6fa"
},
{
"category": "external",
"summary": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p",
"url": "https://github.com/expressjs/serve-static/security/advisories/GHSA-cm22-4g7w-348p"
}
],
"release_date": "2024-09-10T15:15:17.937000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-10-14T00:59:58+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:8023"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:94ce5f16f364c6bf82c2aa19fcca31252c0d2f49478b8f85509db11744319eb2_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:ad91aeedfc1a9b9bfdbd12a3c677e1c48105390bff94a7cf979f0819f62a6054_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-ephemeral-rhel8@sha256:e8835e2bc0797b374b3df1954a641548e3b68ae87e9e361af958510d8a53cb03_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:2d2df1b94c764a5c7ad3a4e6f1815c5a6aca97bb18a7af8f131847ee8ef72da7_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:64e31d00bfe2b447a7453f65ef623438c9f639aec6b080d2800734e30ba3dc03_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-data-index-postgresql-rhel8@sha256:8a426b45b19ff2e4e60fc8549867bb197d40facc2fb2bf9bb18602b25eaaec64_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:85869a28f42e085162ef2fb923a82f5eb98aeb814917b3bcbaaaf9f0f5b618b6_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:8ae440545e8279872ef9bc067759058e0e1fdb1ddd3ddc65256ee6168d8387b1_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-ephemeral-rhel8@sha256:c4eaadd36a466917c4892973880b1a0bd0f9f8f3ee6ead074005181a4d10829a_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:0a59dd2b44a7bfa278b681479adc939cca2f659a0c72f756d20101f8abd31fbe_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:1f9af9106baea114fa4925ad83b4e7a78a5ef18a03ddf5c0e320ec1fcc4a897f_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-jobs-service-postgresql-rhel8@sha256:c01aa1d30898b14e49d0dcfa17b09a47af8be48060ac4c5c7d5c9aaabf02534b_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:600ec68c5a02591b7e91e7d68624780b64d93ec38df96e7b0ec7585860553c47_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8@sha256:787b96f329f6eaa2d7090c6cc9564ef074ecc17dcd4edde245fd6e2c17706fd1_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-management-console-rhel8@sha256:34326328e976b3aeaed0e30aa8c6d5b3e05a3cb61a65f24646c5bedf4254c442_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:65e38cb16fb23ce575e2461ef6a45ed12d7fc506570ff43a6143b31c81d0a4ba_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:92183a5a74862220bf4d2099e4cc7528dcaa460be24ec3e41ad22d94a1305314_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-operator-bundle@sha256:e5e2e0bf4ba63e8c16b711ea23fdf65544f7ed95270828f59020e68351baf766_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:4df659da0c41c40be3baeae236250a210d4e21006fcb3b9e12b6bb033953cc78_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:86085a6e571ebc3fb071823ecf55d84912de3da11a881fc725a47065945bbe28_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-rhel8-operator@sha256:a8a20d7324a8cfc7b7c770e0f2c57586526b96cb53cc4356bf0fa3040a1794fb_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:11820bec2d06cb35ae97955a6ecbb6446dae133b12438387668b56ea9a9cd391_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:173f51cd9894077b1c413b0511583cbfa70972f620e2dde8809dce30c4f274c0_arm64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-builder-rhel8@sha256:3e1171783be9b5d6f673a730a339ea415b0dae44506b682a725889439855c91e_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:73da4612443c573d96937ed8f97f9d2eb4b9fa82a51b2d932b46e8a6b76aac4d_amd64",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:75a5f90c7e4ba64ca4713a0cdd505a4715af9c0ad85a4bb88513b6d9a362ae36_ppc64le",
"8Base-RHOSS-1.34:openshift-serverless-1/logic-swf-devmode-rhel8@sha256:c55f775978f92125dac837d72a901d3c2d9bb0b17db5a51ac59127a89d2a5fe9_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "serve-static: Improper Sanitization in serve-static"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…