Action not permitted
Modal body text goes here.
Modal Title
Modal Body
BDU:2024-02687
Vulnerability from fstec - Published: 03.03.2024
VLAI Severity ?
Title
Уязвимость пакетного менеджера для Kubernetes Helm, связанная с отсутствием защиты служебных данных, позволяющая нарушителю оказать влияние на конфиденциальность информации
Description
Уязвимость пакетного менеджера для Kubernetes Helm связана с отсутствием защиты служебных данных. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, оказать влияние на конфиденциальность информации
Severity ?
Vendor
Novell Inc., The Linux Foundation, Red Hat Inc.
Software Name
SUSE Linux Enterprise High Performance Computing, Suse Linux Enterprise Server, SUSE Linux Enterprise Server for SAP Applications, SUSE Manager Proxy, SUSE Manager Server, SUSE Manager Retail Branch Server, SUSE Enterprise Storage, SUSE Linux Enterprise Module for Package Hub, SUSE Linux Enterprise Module for Containers, Helm, Red Hat Advanced Cluster Security
Software Version
15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 15 SP4 (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 4.3 (SUSE Manager Server), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 7.1 (SUSE Enterprise Storage), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP3-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Module for Package Hub), 15 SP3 (SUSE Linux Enterprise Module for Package Hub), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Module for Containers), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Package Hub), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), до 3.13.3 (Helm), 15 SP5 (SUSE Linux Enterprise Module for Containers), 15 SP3 (SUSE Linux Enterprise Module for Containers), 4.3 (Red Hat Advanced Cluster Security), 4.4 (Red Hat Advanced Cluster Security)
Possible Mitigations
Компенсирующие меры:
- не использовать флаг --dry-run с helm installи helm upgrade.
Использование рекомендаций:
Для Helm:
https://github.com/helm/helm/issues/7275
Для программных продуктов Novell Inc.:
https://www.suse.com/security/cve/CVE-2019-25210.html
Для программных продуктов Red Hat Inc.:
https://access.redhat.com/security/cve/CVE-2019-25210
Reference
https://www.suse.com/pt-br/security/cve/CVE-2019-25210.html
https://access.redhat.com/security/cve/CVE-2019-25210
https://helm.sh/blog/response-cve-2019-25210/
https://github.com/helm/helm/issues/7275
CWE
CWE-200
{
"CVSS 2.0": "AV:N/AC:L/Au:S/C:C/I:N/A:N",
"CVSS 3.0": "AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Novell Inc., The Linux Foundation, Red Hat Inc.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "15 SP3 (SUSE Linux Enterprise High Performance Computing), 15 SP3 (Suse Linux Enterprise Server), 15 SP3 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Proxy), 4.2 (SUSE Manager Server), 15 SP4 (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Server for SAP Applications), 4.2 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Retail Branch Server), 4.3 (SUSE Manager Proxy), 4.3 (SUSE Manager Server), 15 SP4 (SUSE Linux Enterprise High Performance Computing), 7.1 (SUSE Enterprise Storage), 15 SP3-LTSS (Suse Linux Enterprise Server), 15 SP3-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP3-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP3-BCL (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Module for Package Hub), 15 SP3 (SUSE Linux Enterprise Module for Package Hub), 15 SP5 (SUSE Linux Enterprise Server for SAP Applications), 15 SP5 (Suse Linux Enterprise Server), 15 SP4 (SUSE Linux Enterprise Module for Containers), 15 SP5 (SUSE Linux Enterprise High Performance Computing), 15 SP5 (SUSE Linux Enterprise Module for Package Hub), 15 SP4-ESPOS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (SUSE Linux Enterprise High Performance Computing), 15 SP4-LTSS (Suse Linux Enterprise Server), \u0434\u043e 3.13.3 (Helm), 15 SP5 (SUSE Linux Enterprise Module for Containers), 15 SP3 (SUSE Linux Enterprise Module for Containers), 4.3 (Red Hat Advanced Cluster Security), 4.4 (Red Hat Advanced Cluster Security)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0435 \u043c\u0435\u0440\u044b:\n- \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0444\u043b\u0430\u0433 --dry-run \u0441 helm install\u0438 helm upgrade.\n\n\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\n\u0414\u043b\u044f Helm:\nhttps://github.com/helm/helm/issues/7275\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Novell Inc.:\nhttps://www.suse.com/security/cve/CVE-2019-25210.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/CVE-2019-25210",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "03.03.2024",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "06.04.2024",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "06.04.2024",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2024-02687",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2019-25210, RHSA-2024:1549",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "SUSE Linux Enterprise High Performance Computing, Suse Linux Enterprise Server, SUSE Linux Enterprise Server for SAP Applications, SUSE Manager Proxy, SUSE Manager Server, SUSE Manager Retail Branch Server, SUSE Enterprise Storage, SUSE Linux Enterprise Module for Package Hub, SUSE Linux Enterprise Module for Containers, Helm, Red Hat Advanced Cluster Security",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Novell Inc. Suse Linux Enterprise Server 15 SP3 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP3 , Novell Inc. Suse Linux Enterprise Server 15 SP4 , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP4 , Novell Inc. Suse Linux Enterprise Server 15 SP3-LTSS , Novell Inc. Suse Linux Enterprise Server 15 SP3-BCL , Novell Inc. SUSE Linux Enterprise Server for SAP Applications 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP5 , Novell Inc. Suse Linux Enterprise Server 15 SP4-LTSS ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u043d\u043e\u0433\u043e \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0430 \u0434\u043b\u044f Kubernetes Helm, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CWE-200)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0430\u043a\u0435\u0442\u043d\u043e\u0433\u043e \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0430 \u0434\u043b\u044f Kubernetes Helm \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u043b\u0443\u0436\u0435\u0431\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e, \u043e\u043a\u0430\u0437\u0430\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043d\u0430 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0431\u043e\u0440 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.suse.com/pt-br/security/cve/CVE-2019-25210.html\nhttps://access.redhat.com/security/cve/CVE-2019-25210\nhttps://helm.sh/blog/response-cve-2019-25210/\nhttps://github.com/helm/helm/issues/7275",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-200",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,5)"
}
RHSA-2024:1549
Vulnerability from csaf_redhat - Published: 2024-03-27 18:47 - Updated: 2026-04-01 19:03Summary
Red Hat Security Advisory: ACS 4.3 enhancement and security update
Severity
Critical
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security. The
updated image includes bug and security fixes.
Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: This release of RHACS 4.3.6 provides the following bug fix:
* Fixed an issue where an incorrectly configured Jira notifier causes the Central component of RHACS to enter a crash loop
It provides the following security fixes:
* go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569)
* helm: Missing YAML content leads to panic (CVE-2024-26147)
* helm: Shows secrets with --dry-run option in clear text (CVE-2019-25210)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A vulnerability was found in Helm that may lead to sensitive information disclosure. When the --dry-run flag is used in Helm 3, it displays values of secrets. Helm 2 just displays the fact that a secret has been created.
6.5 (Medium)
Vendor Fix
If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.6.
https://access.redhat.com/errata/RHSA-2024:1549
A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.
8.1 (High)
Vendor Fix
If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.6.
https://access.redhat.com/errata/RHSA-2024:1549
Workaround
In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.
A vulnerability was found in Helm. This flaw may lead to a panic when Helm parses index and plugin yaml files missing expected content, leading to a denial of service.
7.5 (High)
Vendor Fix
If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.6.
https://access.redhat.com/errata/RHSA-2024:1549
Workaround
If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem.
If using Helm SDK versions prior to 3.14.2, calls to affected functions can use recover to catch the panic.
References
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Critical"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security. The\nupdated image includes bug and security fixes.\n\nRed Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "This release of RHACS 4.3.6 provides the following bug fix:\n\n* Fixed an issue where an incorrectly configured Jira notifier causes the Central component of RHACS to enter a crash loop\n\nIt provides the following security fixes:\n\n* go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients (CVE-2023-49569)\n* helm: Missing YAML content leads to panic (CVE-2024-26147)\n* helm: Shows secrets with --dry-run option in clear text (CVE-2019-25210)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:1549",
"url": "https://access.redhat.com/errata/RHSA-2024:1549"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#critical",
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"category": "external",
"summary": "2258143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
},
{
"category": "external",
"summary": "2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_1549.json"
}
],
"title": "Red Hat Security Advisory: ACS 4.3 enhancement and security update",
"tracking": {
"current_release_date": "2026-04-01T19:03:57+00:00",
"generator": {
"date": "2026-04-01T19:03:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.4"
}
},
"id": "RHSA-2024:1549",
"initial_release_date": "2024-03-27T18:47:27+00:00",
"revision_history": [
{
"date": "2024-03-27T18:47:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-03-27T18:47:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-01T19:03:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHACS 4.3 for RHEL 8",
"product": {
"name": "RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.3::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.6-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.6-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.6-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.6-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.6-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.6-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"product_id": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"product_id": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-collector-slim-rhel8\u0026tag=4.3.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"product_id": "advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8\u0026tag=4.3.6-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"product_id": "advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle\u0026tag=4.3.6-4"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"product_id": "advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"product_id": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8\u0026tag=4.3.6-2"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8\u0026tag=4.3.6-3"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8\u0026tag=4.3.6-1"
}
}
},
{
"category": "product_version",
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x",
"product": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x",
"product_id": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8\u0026tag=4.3.6-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64 as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"relates_to_product_reference": "8Base-RHACS-4.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x as a component of RHACS 4.3 for RHEL 8",
"product_id": "8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
},
"product_reference": "advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x",
"relates_to_product_reference": "8Base-RHACS-4.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-25210",
"cwe": {
"id": "CWE-201",
"name": "Insertion of Sensitive Information Into Sent Data"
},
"discovery_date": "2024-03-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268201"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Helm that may lead to sensitive information disclosure. When the --dry-run flag is used in Helm 3, it displays values of secrets. Helm 2 just displays the fact that a secret has been created.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: shows secrets with --dry-run option in clear text",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-25210"
},
{
"category": "external",
"summary": "RHBZ#2268201",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268201"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-25210",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-25210"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-25210",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-25210"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/issues/7275",
"url": "https://github.com/helm/helm/issues/7275"
}
],
"release_date": "2024-03-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-27T18:47:27+00:00",
"details": "If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.6.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1549"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: shows secrets with --dry-run option in clear text"
},
{
"cve": "CVE-2023-49569",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2024-01-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2258143"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal vulnerability was discovered in the go library go-git. This issue may allow an attacker to create and amend files across the filesystem when applications are using the default ChrootOS, potentially allowing remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This problem only affects the go implementation and not the original git cli code. Applications using BoundOS or in-memory filesystems are not affected by this issue. Clients should be limited to connect to only trusted git servers to reduce the risk of compromise.\n\nIn OpenShift Container Platform (OCP) the vulnerable github.com/go-git/go-git/v5 Go package is used as a dependency in many components where the vulnerable function is not used, hence the impact by this vulnerability is reduced to Low.\n\nIn Openshift-Clients, the affected github.com/go-git/go-git/v5 is a transitive dependency and Openshift-Clients do not use the affected codebase of the go-git package. Hence, it is marked as Not Affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-49569"
},
{
"category": "external",
"summary": "RHBZ#2258143",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258143"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-49569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49569"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-49569"
},
{
"category": "external",
"summary": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88",
"url": "https://github.com/go-git/go-git/security/advisories/GHSA-449p-3h89-pw88"
}
],
"release_date": "2024-01-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-27T18:47:27+00:00",
"details": "If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.6.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1549"
},
{
"category": "workaround",
"details": "In cases where a bump to the latest version of go-git is not possible, a recommendation to reduce the exposure of this threat is limiting its use to only trust-worthy Git servers.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "go-git: Maliciously crafted Git server replies can lead to path traversal and RCE on go-git clients"
},
{
"cve": "CVE-2024-26147",
"cwe": {
"id": "CWE-457",
"name": "Use of Uninitialized Variable"
},
"discovery_date": "2024-02-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2265440"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Helm. This flaw may lead to a panic when Helm parses index and plugin yaml files missing expected content, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "helm: Missing YAML Content Leads To Panic",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat rates this as Moderate since this would impact the Helm client and requires a malicious plugin to be in place, which can be removed.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-26147"
},
{
"category": "external",
"summary": "RHBZ#2265440",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2265440"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-26147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26147"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-26147"
},
{
"category": "external",
"summary": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6",
"url": "https://github.com/helm/helm/security/advisories/GHSA-r53h-jv2g-vpx6"
}
],
"release_date": "2024-02-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-03-27T18:47:27+00:00",
"details": "If you are using an earlier version of RHACS 4.3, you are advised to upgrade to patch release 4.3.6.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:1549"
},
{
"category": "workaround",
"details": "If a malicious plugin has been added which is causing all Helm client commands to panic, the malicious plugin can be manually removed from the filesystem.\n\nIf using Helm SDK versions prior to 3.14.2, calls to affected functions can use recover to catch the panic.",
"product_ids": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:736e3e62434ec2a5839d49b343543eaa7ccb20711e6165e0bb158c82e74b2cbc_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:91cdf66dc5d25146583cf884a3ccebe2103f1a3796033b821079b132ee1a4079_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-central-db-rhel8@sha256:9ef866fef476c2c3ba1288feb26efc396ccc59bf85825cffd9ce28e541115d4b_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:686ad91f440de57326855aa496f83deb40cbaf2095eec1a20eb1c8024a1f3879_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:a6748d3781ec5cef04928646aed6eeb6d13f9552cb0978bc513968de03d04693_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-rhel8@sha256:d83a8ed415a0af5f5e1b92bd7eba83c94418f068c87aee3a2a6c0aa2f70cdb1c_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:12e2005d9402116dd740f2c0bece212fc17a319862d84780d9d491cdc563e83c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:4b2bbb4058d59241281a66bfb93f7828991c5947cc82b63812e67a2c17533824_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-collector-slim-rhel8@sha256:6a9d0b641d5c5583a1d0a8bc2ab6cf70210d09506640e0f3910214b0abeed016_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:10eeb829065e404a5232a9a4d33f238556958e03b827d3c88dbb7a859d20a3d6_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:6cd8653ccb833a2175c5fb691ca1718a66b9885304cc15bbf14db789e17baffd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-main-rhel8@sha256:90818fa0d83c71c7312964b559ba57637f6684d3956280e616608a3384a18df9_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:355567de35493ef1122e8a60385828c98ba62272aaf60d4ab6336466418ec6c9_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:3fcd7214658eefa2ee8df68fa84468b88c6f967c2685de7b1dcf51ead3bd3384_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-operator-bundle@sha256:59317dcd8a520e3840ac191c634ec808339e7ac2779652530bbe35d5206a19d3_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:4068b92d696b38aaf9a5e02d7286caf3d0b850b445c83f604693e71bd8b99fc1_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:52055750c7ebac6cc8da8094476048485f2d588b13e52bc6ae2aeda27e775276_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-rhel8-operator@sha256:cec628e76d2b083fe3bdd0633fbe9512f93879bac8415a737c5b724daf6aecdc_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:06fd6c23e567a898abe781090c28d4fb21c659ecfbc3ab7be67239295979ab62_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:7e4a97c0ad170ecffcf78809580bff38158feca5967f53272848e758aed80577_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-roxctl-rhel8@sha256:b684f6d10a29563ba568a4a764498898d60cfe6cd3ffb0baac288bf9103b440d_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:3dba7e060bd7940b58e64ddf9d5fcfa8295161bbd9ae685f75b4a98a652f0060_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:6f9bcb1ef6528a8fb81d8d1dfa82afbcc736a7e3d92750bf3d26aaf3fa8d7305_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:db4cbc0724e42f3e788a6de15af4e41ae85492bc230e01ea67b6954a08bad41c_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:01dbb08c96001b53359e40ca056250cf3a2a601885f85164a8471960284332e2_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:08ff0cc9c396ab7764d79c1749cbaadd09cf9f2d947f8559d9a122a54c9e7cb8_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:3253ba914c3e0b7a2d50d2881b475bbf4b2e78800ba590fef3a0d3c9f91ec55f_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:5b6b617e4a2af756b1e41ba198f6d89b89b38bb00fc7836ab7ac7bda16628edf_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:9e0be36291581bd67c9e0ed2f1c204cfff143b8f37bb2d83a7e2e64901f174bd_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-rhel8@sha256:a00fa2c64f90bc4f7c6cbc7e2e6e1eaa72ca249bf25f7f9fb08edbbfad5fbd73_s390x",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:26e9cc34a94311d166886604f9ad021b70cfc10b1b6033b0146d4a8c41fc0053_ppc64le",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8d99d2b7f487b201f8b22b4cd208bd8708bd4024a8b71cda0a857352d8fa9519_amd64",
"8Base-RHACS-4.3:advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:a65370286ed1706fbc57b93ed628c3deea455cf0b9d68e84af1f3fd6dc3d7a5d_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "helm: Missing YAML Content Leads To Panic"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…