Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-23207 (GCVE-0-2025-23207)
Vulnerability from cvelistv5 – Published: 2025-01-17 21:25 – Updated: 2025-01-17 21:32
VLAI?
EPSS
Title
\htmlData does not validate attribute names in KaTeX
Summary
KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\htmlData` commands, forbid inputs containing the substring `"\\htmlData"` and sanitize HTML output from KaTeX.
Severity ?
6.3 (Medium)
CWE
- CWE-116 - Improper Encoding or Escaping of Output
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23207",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-17T21:32:10.973799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T21:32:24.984Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "KaTeX",
"vendor": "KaTeX",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.12.0, \u003c 0.16.21"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\\htmlData` commands, forbid inputs containing the substring `\"\\\\htmlData\"` and sanitize HTML output from KaTeX."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-116",
"description": "CWE-116: Improper Encoding or Escaping of Output",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T21:25:05.746Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546"
},
{
"name": "https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c"
}
],
"source": {
"advisory": "GHSA-cg87-wmx4-v546",
"discovery": "UNKNOWN"
},
"title": "\\htmlData does not validate attribute names in KaTeX"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-23207",
"datePublished": "2025-01-17T21:25:05.746Z",
"dateReserved": "2025-01-13T17:15:41.050Z",
"dateUpdated": "2025-01-17T21:32:24.984Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-23207",
"date": "2026-04-25",
"epss": "0.00028",
"percentile": "0.07926"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-23207\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-01-17T22:15:29.523\",\"lastModified\":\"2025-09-08T21:17:11.243\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\\\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\\\\htmlData` commands, forbid inputs containing the substring `\\\"\\\\\\\\htmlData\\\"` and sanitize HTML output from KaTeX.\"},{\"lang\":\"es\",\"value\":\"KaTeX es una Librer\u00eda de JavaScript r\u00e1pida y f\u00e1cil de usar para la representaci\u00f3n matem\u00e1tica de TeX en la web. Los usuarios de KaTeX que representen expresiones matem\u00e1ticas no confiables con `renderToString` podr\u00edan encontrarse con entradas maliciosas utilizando `\\\\htmlData` que ejecutan JavaScript arbitrario o generan HTML no v\u00e1lido. Se recomienda a los usuarios que actualicen a KaTeX v0.16.21 para eliminar esta vulnerabilidad. Los usuarios que no puedan actualizar deben evitar el uso de la opci\u00f3n `trust` o desactivarla, o configurarla para prohibir los comandos `\\\\htmlData`, prohibir las entradas que contengan la subcadena `\\\"\\\\\\\\htmlData\\\"` y la salida HTML Desinfectar de KaTeX.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N\",\"baseScore\":7.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":2.7}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-116\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:katex:katex:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.12.0\",\"versionEndExcluding\":\"0.16.21\",\"matchCriteriaId\":\"A3E88F5B-F0D8-4833-9C57-8198C9562AEC\"}]}]}],\"references\":[{\"url\":\"https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-23207\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-17T21:32:10.973799Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-17T21:32:14.850Z\"}}], \"cna\": {\"title\": \"\\\\htmlData does not validate attribute names in KaTeX\", \"source\": {\"advisory\": \"GHSA-cg87-wmx4-v546\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"LOW\"}}], \"affected\": [{\"vendor\": \"KaTeX\", \"product\": \"KaTeX\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003e= 0.12.0, \u003c 0.16.21\"}]}], \"references\": [{\"url\": \"https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546\", \"name\": \"https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c\", \"name\": \"https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\\\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\\\\htmlData` commands, forbid inputs containing the substring `\\\"\\\\\\\\htmlData\\\"` and sanitize HTML output from KaTeX.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-116\", \"description\": \"CWE-116: Improper Encoding or Escaping of Output\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-01-17T21:25:05.746Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-23207\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-17T21:32:24.984Z\", \"dateReserved\": \"2025-01-13T17:15:41.050Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-01-17T21:25:05.746Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2025:2753
Vulnerability from csaf_redhat - Published: 2025-03-13 16:40 - Updated: 2026-03-18 02:51Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.19.0 release
Severity
Moderate
Notes
Topic: Red Hat OpenShift Dev Spaces 3.19 has been released.
All containers have been updated to include feature enhancements, bug fixes and CVE fixes.
Following the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System (CVSS) base score is available for every fixed CVE in the references section.
Details: Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.19 release is based on Eclipse Che 7.98 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
This release includes fixes to the following CVE:
CVE-2025-23207 fixed in devspaces-code
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
Dev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#devspaces
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the KaTeX library. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\htmlData` that runs arbitrary JavaScript or generate invalid HTML.
6.3 (Medium)
Vendor Fix
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
https://access.redhat.com/errata/RHSA-2025:2753
Workaround
Users unable to upgrade should turn off the `trust` option or set it to forbid `\htmlData` commands, forbid inputs containing the substring `"\\htmlData"` and sanitize HTML output from KaTeX.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.19 has been released.\n\nAll containers have been updated to include feature enhancements, bug fixes and CVE fixes.\n\nFollowing the Red Hat Product Security standards this update is rated as having a security impact of Important. The Common Vulnerability Scoring System (CVSS) base score is available for every fixed CVE in the references section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\n\nThe 3.19 release is based on Eclipse Che 7.98 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\n\nThis release includes fixes to the following CVE:\nCVE-2025-23207 fixed in devspaces-code\n\nUsers still using the v1 standard should migrate as soon as possible.\n\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\n\nDev Spaces releases support the latest two OpenShift 4 EUS releases. Users are expected to update to newer OpenShift releases in order to continue to get Dev Spaces updates. \n\nhttps://access.redhat.com/support/policy/updates/openshift#devspaces",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:2753",
"url": "https://access.redhat.com/errata/RHSA-2025:2753"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2338681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338681"
},
{
"category": "external",
"summary": "CRW-7972",
"url": "https://issues.redhat.com/browse/CRW-7972"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_2753.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.19.0 release",
"tracking": {
"current_release_date": "2026-03-18T02:51:54+00:00",
"generator": {
"date": "2026-03-18T02:51:54+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.3"
}
},
"id": "RHSA-2025:2753",
"initial_release_date": "2025-03-13T16:40:08+00:00",
"revision_history": [
{
"date": "2025-03-13T16:40:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-03-13T16:40:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-03-18T02:51:54+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces 3",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"product": {
"name": "devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"product_id": "devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.19-20"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"product": {
"name": "devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"product_id": "devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=3.19-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"product_id": "devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.19-18"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"product_id": "devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=3.19-1"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"product": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"product_id": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9\u0026tag=3.19-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"product_id": "devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=3.19-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"product_id": "devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.19-28"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"product_id": "devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=3.19-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=3.19-9"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"product": {
"name": "devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"product_id": "devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.19-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"product": {
"name": "devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"product_id": "devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.19-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le",
"product": {
"name": "devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le",
"product_id": "devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.19-6"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"product": {
"name": "devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"product_id": "devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.19-20"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"product": {
"name": "devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"product_id": "devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=3.19-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"product_id": "devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.19-18"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"product_id": "devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=3.19-1"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"product": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"product_id": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34?arch=s390x\u0026repository_url=registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9\u0026tag=3.19-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"product_id": "devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=3.19-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"product_id": "devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.19-28"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"product_id": "devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=3.19-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=3.19-9"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"product": {
"name": "devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"product_id": "devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.19-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"product": {
"name": "devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"product_id": "devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.19-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"product": {
"name": "devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"product_id": "devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53?arch=s390x\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.19-6"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"product": {
"name": "devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"product_id": "devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/code-rhel9\u0026tag=3.19-20"
}
}
},
{
"category": "product_version",
"name": "devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"product": {
"name": "devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"product_id": "devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/configbump-rhel9\u0026tag=3.19-4"
}
}
},
{
"category": "product_version",
"name": "devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"product": {
"name": "devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"product_id": "devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/dashboard-rhel9\u0026tag=3.19-18"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"product": {
"name": "devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"product_id": "devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview/idea-rhel9\u0026tag=3.19-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"product": {
"name": "devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"product_id": "devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/imagepuller-rhel9\u0026tag=3.19-1"
}
}
},
{
"category": "product_version",
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"product": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"product_id": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366?arch=amd64\u0026repository_url=registry.redhat.io/devspaces-tech-preview/jetbrains-ide-rhel9\u0026tag=3.19-1"
}
}
},
{
"category": "product_version",
"name": "devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"product": {
"name": "devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"product_id": "devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/machineexec-rhel9\u0026tag=3.19-3"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"product": {
"name": "devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"product_id": "devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-operator-bundle\u0026tag=3.19-28"
}
}
},
{
"category": "product_version",
"name": "devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"product": {
"name": "devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"product_id": "devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/pluginregistry-rhel9\u0026tag=3.19-6"
}
}
},
{
"category": "product_version",
"name": "devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"product": {
"name": "devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"product_id": "devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/devspaces-rhel9-operator\u0026tag=3.19-9"
}
}
},
{
"category": "product_version",
"name": "devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"product": {
"name": "devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"product_id": "devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/server-rhel9\u0026tag=3.19-11"
}
}
},
{
"category": "product_version",
"name": "devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"product": {
"name": "devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"product_id": "devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/traefik-rhel9\u0026tag=3.19-2"
}
}
},
{
"category": "product_version",
"name": "devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"product": {
"name": "devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"product_id": "devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d?arch=amd64\u0026repository_url=registry.redhat.io/devspaces/udi-rhel9\u0026tag=3.19-6"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64"
},
"product_reference": "devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le"
},
"product_reference": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64"
},
"product_reference": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x"
},
"product_reference": "devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le"
},
"product_reference": "devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x"
},
"product_reference": "devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64"
},
"product_reference": "devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x"
},
"product_reference": "devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64"
},
"product_reference": "devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le"
},
"product_reference": "devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le"
},
"product_reference": "devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le"
},
"product_reference": "devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x"
},
"product_reference": "devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64"
},
"product_reference": "devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le"
},
"product_reference": "devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le"
},
"product_reference": "devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64"
},
"product_reference": "devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x"
},
"product_reference": "devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le"
},
"product_reference": "devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x"
},
"product_reference": "devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le"
},
"product_reference": "devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64"
},
"product_reference": "devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x"
},
"product_reference": "devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64 as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64"
},
"product_reference": "devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"relates_to_product_reference": "9Base-RHOSDS-3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le as a component of Red Hat OpenShift Dev Spaces 3",
"product_id": "9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le"
},
"product_reference": "devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le",
"relates_to_product_reference": "9Base-RHOSDS-3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-23207",
"cwe": {
"id": "CWE-116",
"name": "Improper Encoding or Escaping of Output"
},
"discovery_date": "2025-01-17T22:00:43.066864+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2338681"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the KaTeX library. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\htmlData` that runs arbitrary JavaScript or generate invalid HTML.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "katex: \\htmlData does not validate attribute names in KaTeX",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-23207"
},
{
"category": "external",
"summary": "RHBZ#2338681",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2338681"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-23207",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23207"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-23207",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23207"
},
{
"category": "external",
"summary": "https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c",
"url": "https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c"
},
{
"category": "external",
"summary": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546",
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546"
}
],
"release_date": "2025-01-17T21:25:05.746000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-03-13T16:40:08+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:2753"
},
{
"category": "workaround",
"details": "Users unable to upgrade should turn off the `trust` option or set it to forbid `\\htmlData` commands, forbid inputs containing the substring `\"\\\\htmlData\"` and sanitize HTML output from KaTeX.",
"product_ids": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSDS-3:devspaces-tech-preview/idea-rhel9@sha256:7a43d596b13d43bd689f9cfbc29327fb988e0ea15d8790258379943f429998b9_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:1d8ea018fe82220a2def92de9f6417b5213ff4341e56ab603891e70e208643ad_ppc64le",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:99197f82cc9b3a1fb0cf9f6ec458aac5b3b7a3ebefe58cb4d7ee96ed16e88366_amd64",
"9Base-RHOSDS-3:devspaces-tech-preview/jetbrains-ide-rhel9@sha256:d615c925a4157a9cecc786a0456d4e630f06525d63935f504dad6627aeb85d34_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:5721cf5cede1d1f177048b897b880f35bf6208c79521d8867dfa1c0b5cd6e58d_ppc64le",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:71460099eab18a7308bf716446adad7f89db6801787c48506c90a6da553886be_s390x",
"9Base-RHOSDS-3:devspaces/code-rhel9@sha256:a58c6da36a5b402d9852a8671af976b94975d48dfe694fa600871f356814b64d_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:35097e997aa9afb7e4d5809db7ff9b3e4164d0d56265ab89e5005d78340c0471_s390x",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:38eb6a388833aefb0cfcd2a1ffbe597a6b9cbbae67d22aaec4f3cae0e09292ee_amd64",
"9Base-RHOSDS-3:devspaces/configbump-rhel9@sha256:ed952b1595da133948cc2f63c26f8294f1ad57dda4fc911b3e68c342f9d05ffc_ppc64le",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:0077e027ccac4e5d7bb75ffa9679f51405a9afa2cad62cbfad60db483c3c457c_s390x",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:178678bb38a68826b7fa57766150661860c91faee6af2e73921bb4483ae36896_amd64",
"9Base-RHOSDS-3:devspaces/dashboard-rhel9@sha256:b7db9f8c10fa9476c9b2daa0029695c1b5ef5d03c2203ad359fcac2e97892ac9_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:23ee857e916a11369454290e62a705293db4a000f2f206118d1d234ab3cf9236_s390x",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:a584ae6a7f9f5facfb84ca068b08c1dab9e68c8ccf0fca7d8f6e492e3eacb039_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-operator-bundle@sha256:dfa48e044bf23c7da2cc9d18317f1ec14f591a125ef39ddfaefebbe434dcce90_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:3878adbe4177af302b16d5e30626125d6c3a6ddd93cad20b4aee54ea54b69af0_amd64",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:c641190d036ca6d270a4a65f181b4e2c584a62fdc374937c71e64d2ff24ed3c0_ppc64le",
"9Base-RHOSDS-3:devspaces/devspaces-rhel9-operator@sha256:fb0eca71563b4aaeda85e7f7cb4fc87b4ddc772802b246e88f34a91fa57d2e1a_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:4dcd09c3ce61afc15858db3b6adb2f6931dfb8556a686d1a96c4eebf4bb5f6bb_ppc64le",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:664c3848a01aef9533a77f5cbdf388c78e9dedb8bb364b20346edadb0165de00_s390x",
"9Base-RHOSDS-3:devspaces/imagepuller-rhel9@sha256:7e7cf118995a7eaf37f909dafa40fb031f5a036de31344c51d4e944eb74bcbbc_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:196a6811343f082a0daa0dbf2a1fd73f80d1da546f8d72073eb37027609ec45a_amd64",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:961cb6073b19f2dc3769b8e5bae1fffbe5ee712b26744e1ff7e250cf16329106_s390x",
"9Base-RHOSDS-3:devspaces/machineexec-rhel9@sha256:d799111ba9af355c1ba070b591a0fb6f601b6e6e41cef5b5466146f4f8c75fc4_ppc64le",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:2f7a8b09c04abbbc29af8dfd5a8e4f5133fa467c42ed0b7d8b64724b27882b0d_s390x",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:58b11d05aff7b68d1a74c29a828f8cb382c5752a3fcf207b5d1d318057b7a170_amd64",
"9Base-RHOSDS-3:devspaces/pluginregistry-rhel9@sha256:768dec74e699d285d338095445229d7aaa3516ca1878dc95d4f57aee9ec3c982_ppc64le",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:587baf931fb97c939ee3c4b90510215c97d7ec790e7387e478a9c506b99b5d4a_amd64",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:bf9d3f2419c27273a4c4f586d88aa0e64c2d11a583e5dc1f1679c8d8b92d892f_s390x",
"9Base-RHOSDS-3:devspaces/server-rhel9@sha256:c351151b5c7b20b7b425629a1f6390e3da770383ee5558060a53b91721e97426_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:1715902537309e3f1dbbc12bfbb25b440e6db531efcbf33e5b51d991fc979bd4_s390x",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:6485c5b8697b6a7bf4e1d1a7894aa1d776f992e7233ac496f6ac1aa4eeb87892_ppc64le",
"9Base-RHOSDS-3:devspaces/traefik-rhel9@sha256:b05d482bc642262bb1b5470fc9a60e74099f22d8b658edfea34a6490a32fd7dc_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:32a9325a9909b8387fe384e0a43e1be72c9a3989b260fdfc41229bd221134e53_s390x",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:abefbfd48f420988ebbdd30e8cba1f6e2d06b1ec4d38a6394d532ab16f966b9d_amd64",
"9Base-RHOSDS-3:devspaces/udi-rhel9@sha256:bccd955215d40f7bb4ab20554aee523476301130a96d612c729fad3cad1a75d7_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "katex: \\htmlData does not validate attribute names in KaTeX"
}
]
}
BDU:2025-00769
Vulnerability from fstec - Published: 17.01.2025
VLAI Severity ?
Title
Уязвимость функции renderToString() JavaScript-библиотеки для рендеринга математических выражений KaTeX, позволяющая нарушителю выполнить произвольный код
Description
Уязвимость функции renderToString() JavaScript-библиотеки для рендеринга математических выражений KaTeX связана с неправильным кодированием или экранированием выходных данных при обработке параметра \htmlData. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код
Severity ?
Vendor
Сообщество свободного программного обеспечения
Software Name
KaTeX
Software Version
от 0.12.0 до 0.16.20 включительно (KaTeX)
Possible Mitigations
Использования рекомендаций:
https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c
https://github.com/KaTeX/KaTeX/releases/tag/v0.16.21
Reference
https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546
https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c
CWE
CWE-116
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 0.12.0 \u0434\u043e 0.16.20 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (KaTeX)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c\nhttps://github.com/KaTeX/KaTeX/releases/tag/v0.16.21",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "17.01.2025",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "13.08.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "28.01.2025",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-00769",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-23207",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "KaTeX",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 renderToString() JavaScript-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0434\u043b\u044f \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 \u043c\u0430\u0442\u0435\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 KaTeX, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0435 \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0438\u043b\u0438 \u0441\u043e\u043a\u0440\u044b\u0442\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 (CWE-116)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 renderToString() JavaScript-\u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0434\u043b\u044f \u0440\u0435\u043d\u0434\u0435\u0440\u0438\u043d\u0433\u0430 \u043c\u0430\u0442\u0435\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 KaTeX \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0438\u043b\u0438 \u044d\u043a\u0440\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \\htmlData. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u0445",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546\nhttps://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-116",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,3)"
}
WID-SEC-W-2025-0557
Vulnerability from csaf_certbund - Published: 2025-03-13 23:00 - Updated: 2025-03-13 23:00Summary
Red Hat OpenShift Dev Spaces: Schwachstelle ermöglicht Codeausführung
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.
Angriff: Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat OpenShift Dev Spaces ausnutzen, um beliebigen Programmcode auszuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
References
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Red Hat OpenShift Dev Spaces ausnutzen, um beliebigen Programmcode auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0557 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0557.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0557 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0557"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:2753 vom 2025-03-13",
"url": "https://access.redhat.com/errata/RHSA-2025:2753"
},
{
"category": "external",
"summary": "Red Hat: CVE-2025-23207",
"url": "https://access.redhat.com/security/cve/cve-2025-23207#cve-cvss-v3"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift Dev Spaces: Schwachstelle erm\u00f6glicht Codeausf\u00fchrung",
"tracking": {
"current_release_date": "2025-03-13T23:00:00.000+00:00",
"generator": {
"date": "2025-03-14T09:14:19.178+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0557",
"initial_release_date": "2025-03-13T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-03-13T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Dev Spaces \u003c3.19",
"product": {
"name": "Red Hat OpenShift Dev Spaces \u003c3.19",
"product_id": "T041896"
}
},
{
"category": "product_version",
"name": "Dev Spaces 3.19",
"product": {
"name": "Red Hat OpenShift Dev Spaces 3.19",
"product_id": "T041896-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:dev_spaces__3.19"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-23207",
"product_status": {
"known_affected": [
"T041896"
]
},
"release_date": "2025-03-13T23:00:00.000+00:00",
"title": "CVE-2025-23207"
}
]
}
FKIE_CVE-2025-23207
Vulnerability from fkie_nvd - Published: 2025-01-17 22:15 - Updated: 2025-09-08 21:17
Severity ?
6.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
7.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
Summary
KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\htmlData` commands, forbid inputs containing the substring `"\\htmlData"` and sanitize HTML output from KaTeX.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:katex:katex:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A3E88F5B-F0D8-4833-9C57-8198C9562AEC",
"versionEndExcluding": "0.16.21",
"versionStartIncluding": "0.12.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "KaTeX is a fast, easy-to-use JavaScript library for TeX math rendering on the web. KaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\htmlData` that runs arbitrary JavaScript, or generate invalid HTML. Users are advised to upgrade to KaTeX v0.16.21 to remove this vulnerability. Users unable to upgrade should avoid use of or turn off the `trust` option, or set it to forbid `\\htmlData` commands, forbid inputs containing the substring `\"\\\\htmlData\"` and sanitize HTML output from KaTeX."
},
{
"lang": "es",
"value": "KaTeX es una Librer\u00eda de JavaScript r\u00e1pida y f\u00e1cil de usar para la representaci\u00f3n matem\u00e1tica de TeX en la web. Los usuarios de KaTeX que representen expresiones matem\u00e1ticas no confiables con `renderToString` podr\u00edan encontrarse con entradas maliciosas utilizando `\\htmlData` que ejecutan JavaScript arbitrario o generan HTML no v\u00e1lido. Se recomienda a los usuarios que actualicen a KaTeX v0.16.21 para eliminar esta vulnerabilidad. Los usuarios que no puedan actualizar deben evitar el uso de la opci\u00f3n `trust` o desactivarla, o configurarla para prohibir los comandos `\\htmlData`, prohibir las entradas que contengan la subcadena `\"\\\\htmlData\"` y la salida HTML Desinfectar de KaTeX."
}
],
"id": "CVE-2025-23207",
"lastModified": "2025-09-08T21:17:11.243",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4,
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-01-17T22:15:29.523",
"references": [
{
"source": "security-advisories@github.com",
"tags": [
"Patch"
],
"url": "https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c"
},
{
"source": "security-advisories@github.com",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546"
}
],
"sourceIdentifier": "security-advisories@github.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-116"
}
],
"source": "security-advisories@github.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-CG87-WMX4-V546
Vulnerability from github – Published: 2025-01-17 21:22 – Updated: 2025-01-21 18:31
VLAI?
Summary
KaTeX \htmlData does not validate attribute names
Details
Impact
KaTeX users who render untrusted mathematical expressions with renderToString could encounter malicious input using \htmlData that runs arbitrary JavaScript, or generate invalid HTML.
Patches
Upgrade to KaTeX v0.16.21 to remove this vulnerability.
Workarounds
- Avoid use of or turn off the
trustoption, or set it to forbid\htmlDatacommands. - Forbid inputs containing the substring
"\\htmlData". - Sanitize HTML output from KaTeX.
Details
\htmlData did not validate its attribute name argument, allowing it to generate invalid or malicious HTML that runs scripts.
For more information
If you have any questions or comments about this advisory:
- Open an issue or security advisory in the KaTeX repository
- Email us at katex-security@mit.edu
Severity ?
6.3 (Medium)
{
"affected": [
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 0.16.20"
},
"package": {
"ecosystem": "npm",
"name": "katex"
},
"ranges": [
{
"events": [
{
"introduced": "0.12.0"
},
{
"fixed": "0.16.21"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2025-23207"
],
"database_specific": {
"cwe_ids": [
"CWE-116",
"CWE-79"
],
"github_reviewed": true,
"github_reviewed_at": "2025-01-17T21:22:56Z",
"nvd_published_at": "2025-01-17T22:15:29Z",
"severity": "MODERATE"
},
"details": "### Impact\nKaTeX users who render untrusted mathematical expressions with `renderToString` could encounter malicious input using `\\htmlData` that runs arbitrary JavaScript, or generate invalid HTML.\n\n### Patches\nUpgrade to KaTeX v0.16.21 to remove this vulnerability.\n\n### Workarounds\n- Avoid use of or turn off the `trust` option, or set it to forbid `\\htmlData` commands.\n- Forbid inputs containing the substring `\"\\\\htmlData\"`.\n- Sanitize HTML output from KaTeX.\n\n### Details\n`\\htmlData` did not validate its attribute name argument, allowing it to generate invalid or malicious HTML that runs scripts.\n\n### For more information\nIf you have any questions or comments about this advisory:\n\n- Open an issue or security advisory in the [KaTeX repository](https://github.com/KaTeX/KaTeX/)\n- Email us at [katex-security@mit.edu](mailto:katex-security@mit.edu)",
"id": "GHSA-cg87-wmx4-v546",
"modified": "2025-01-21T18:31:02Z",
"published": "2025-01-17T21:22:56Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/KaTeX/KaTeX/security/advisories/GHSA-cg87-wmx4-v546"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-23207"
},
{
"type": "WEB",
"url": "https://github.com/KaTeX/KaTeX/commit/ff289955e81aab89086eef09254cbf88573d415c"
},
{
"type": "PACKAGE",
"url": "https://github.com/KaTeX/KaTeX"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"type": "CVSS_V3"
}
],
"summary": "KaTeX \\htmlData does not validate attribute names"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…