Action not permitted
Modal body text goes here.
cve-2018-12608
Vulnerability from cvelistv5
Published
2018-09-10 17:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/moby/moby/pull/33182 | Patch, Third Party Advisory |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:38:06.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/moby/moby/pull/33182"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-09-10T17:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/moby/moby/pull/33182"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/moby/moby/pull/33182",
"refsource": "MISC",
"url": "https://github.com/moby/moby/pull/33182"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-12608",
"datePublished": "2018-09-10T17:00:00",
"dateReserved": "2018-06-21T00:00:00",
"dateUpdated": "2024-08-05T08:38:06.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-12608\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-09-10T17:29:00.287\",\"lastModified\":\"2018-11-19T16:29:35.430\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en Docker Moby, en versiones anteriores a la 17.06.0. EL motor Docker valid\u00f3 el certificado TLS del cliente mediante el certificado root del CA del cliente configurado y todos los roots del sistema en sistemas que no son Windows. Esto permiti\u00f3 que un cliente con cualquier certificado de dominio validado por una CA root en la que conf\u00eda el sistema (al contrario que otro firmado por la CA root configurada) para autenticarse\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.06.0\",\"matchCriteriaId\":\"779519D6-D1A3-464C-9ECD-601E87099FFD\"}]}]}],\"references\":[{\"url\":\"https://github.com/moby/moby/pull/33182\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
}
}
rhsa-2024_5094
Vulnerability from csaf_redhat
Published
2024-08-07 15:39
Modified
2024-11-13 21:13
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.0 security update
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.0
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* quic-go: memory exhaustion attack against QUIC's connection ID mechanism(CVE-2024-22189)
* moby: cert signing bypass(CVE-2018-12608)
* golang: archive/zip: Incorrect handling of certain ZIP files(CVE-2024-24789)
* jose: resource exhaustion(CVE-2024-28176)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Service Mesh Containers for 2.6.0 \n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism(CVE-2024-22189)\n* moby: cert signing bypass(CVE-2018-12608)\n* golang: archive/zip: Incorrect handling of certain ZIP files(CVE-2024-24789)\n* jose: resource exhaustion(CVE-2024-28176)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:5094",
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "2273513",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513"
},
{
"category": "external",
"summary": "2275812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275812"
},
{
"category": "external",
"summary": "2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "OSSM-2101",
"url": "https://issues.redhat.com/browse/OSSM-2101"
},
{
"category": "external",
"summary": "OSSM-5687",
"url": "https://issues.redhat.com/browse/OSSM-5687"
},
{
"category": "external",
"summary": "OSSM-5854",
"url": "https://issues.redhat.com/browse/OSSM-5854"
},
{
"category": "external",
"summary": "OSSM-6009",
"url": "https://issues.redhat.com/browse/OSSM-6009"
},
{
"category": "external",
"summary": "OSSM-6296",
"url": "https://issues.redhat.com/browse/OSSM-6296"
},
{
"category": "external",
"summary": "OSSM-6336",
"url": "https://issues.redhat.com/browse/OSSM-6336"
},
{
"category": "external",
"summary": "OSSM-6391",
"url": "https://issues.redhat.com/browse/OSSM-6391"
},
{
"category": "external",
"summary": "OSSM-6682",
"url": "https://issues.redhat.com/browse/OSSM-6682"
},
{
"category": "external",
"summary": "OSSM-6693",
"url": "https://issues.redhat.com/browse/OSSM-6693"
},
{
"category": "external",
"summary": "OSSM-6699",
"url": "https://issues.redhat.com/browse/OSSM-6699"
},
{
"category": "external",
"summary": "OSSM-6700",
"url": "https://issues.redhat.com/browse/OSSM-6700"
},
{
"category": "external",
"summary": "OSSM-6703",
"url": "https://issues.redhat.com/browse/OSSM-6703"
},
{
"category": "external",
"summary": "OSSM-6762",
"url": "https://issues.redhat.com/browse/OSSM-6762"
},
{
"category": "external",
"summary": "OSSM-6769",
"url": "https://issues.redhat.com/browse/OSSM-6769"
},
{
"category": "external",
"summary": "OSSM-6774",
"url": "https://issues.redhat.com/browse/OSSM-6774"
},
{
"category": "external",
"summary": "OSSM-6777",
"url": "https://issues.redhat.com/browse/OSSM-6777"
},
{
"category": "external",
"summary": "OSSM-6781",
"url": "https://issues.redhat.com/browse/OSSM-6781"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5094.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.0 security update",
"tracking": {
"current_release_date": "2024-11-13T21:13:41+00:00",
"generator": {
"date": "2024-11-13T21:13:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.0"
}
},
"id": "RHSA-2024:5094",
"initial_release_date": "2024-08-07T15:39:25+00:00",
"revision_history": [
{
"date": "2024-08-07T15:39:25+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-08-07T15:39:25+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-13T21:13:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 8",
"product": {
"name": "RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el8"
}
}
},
{
"category": "product_name",
"name": "RHOSSM 2.6 for RHEL 9",
"product": {
"name": "RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:service_mesh:2.6::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Service Mesh"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"product": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"product": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"product": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"product_id": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"product": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"product": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"product": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"product_identification_helper": {
"purl": "pkg:oci/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"product": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"product_id": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"product": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"product_identification_helper": {
"purl": "pkg:oci/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18"
}
}
},
{
"category": "product_version",
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"product": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64"
},
"product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64"
},
"product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x"
},
"product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64"
},
"product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64"
},
"product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64"
},
"product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64"
},
"product_reference": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64 as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x as a component of RHOSSM 2.6 for RHEL 8",
"product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x"
},
"product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"relates_to_product_reference": "8Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64 as a component of RHOSSM 2.6 for RHEL 9",
"product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
},
"product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64",
"relates_to_product_reference": "9Base-RHOSSM-2.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-12608",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2024-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2275812"
}
],
"notes": [
{
"category": "description",
"text": "A certificate signing vulnerability was found in Moby. This issue could allow an unauthenticated remote attacker to validate a TLS certificate using Certificate Authorities (CA) from the system instead of only by a specified client CA root, which could allow bypassing of some certificate authorization rules, reducing system integrity.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "moby: cert signing bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12608"
},
{
"category": "external",
"summary": "RHBZ#2275812",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275812"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12608",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12608"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608"
},
{
"category": "external",
"summary": "https://github.com/golang/vulndb/issues/2209",
"url": "https://github.com/golang/vulndb/issues/2209"
}
],
"release_date": "2018-10-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
},
{
"category": "workaround",
"details": "Some environments may be able to mitigate this issue by removing extra CAs from the host.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "moby: cert signing bypass"
},
{
"cve": "CVE-2024-22189",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-04-04T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2273513"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRE_CONNECTION_ID frame, but the attacker can prevent the receiver from sending out the vast majority of these RETIRE_CONNECTION_ID frames by selectively acknowledging received packets and collapsing the peers congestion window and by manipulating the peer\u0027s RTT estimate.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-22189"
},
{
"category": "external",
"summary": "RHBZ#2273513",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-22189",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a",
"url": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a"
},
{
"category": "external",
"summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478",
"url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478"
},
{
"category": "external",
"summary": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management",
"url": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management"
}
],
"release_date": "2024-04-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism"
},
{
"cve": "CVE-2024-24789",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2024-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2292668"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Incorrect handling of certain ZIP files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "RHBZ#2292668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24789"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789"
}
],
"release_date": "2024-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Incorrect handling of certain ZIP files"
},
{
"cve": "CVE-2024-28176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2024-03-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2268820"
}
],
"notes": [
{
"category": "description",
"text": "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user\u0027s environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jose: resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-28176"
},
{
"category": "external",
"summary": "RHBZ#2268820",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176"
},
{
"category": "external",
"summary": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q",
"url": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q"
}
],
"release_date": "2024-03-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-08-07T15:39:25+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:5094"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64",
"8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le",
"9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jose: resource exhaustion"
}
]
}
ghsa-qrqr-3x5j-2xw9
Vulnerability from github
Published
2024-01-31 23:28
Modified
2024-07-08 15:54
Severity ?
Summary
Docker Authentication Bypass
Details
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/docker/docker"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "17.06.0-ce"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-12608"
],
"database_specific": {
"cwe_ids": [
"CWE-288"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-31T23:28:22Z",
"nvd_published_at": null,
"severity": "HIGH"
},
"details": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.",
"id": "GHSA-qrqr-3x5j-2xw9",
"modified": "2024-07-08T15:54:29Z",
"published": "2024-01-31T23:28:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/issues/33173"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/pull/33182"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/commit/190c6e8cf8b893874a33d83f78307f1bed0bfbcd"
},
{
"type": "PACKAGE",
"url": "https://github.com/moby/moby"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"type": "CVSS_V3"
}
],
"summary": "Docker Authentication Bypass"
}
gsd-2018-12608
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-12608",
"description": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.",
"id": "GSD-2018-12608"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-12608"
],
"details": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.",
"id": "GSD-2018-12608",
"modified": "2023-12-13T01:22:29.819687Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12608",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/moby/moby/pull/33182",
"refsource": "MISC",
"url": "https://github.com/moby/moby/pull/33182"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "17.06.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-12608"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/moby/moby/pull/33182",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/moby/moby/pull/33182"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2018-11-19T16:29Z",
"publishedDate": "2018-09-10T17:29Z"
}
}
}
Loading...
Loading...
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.