Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2018-12608
Vulnerability from cvelistv5
Published
2018-09-10 17:00
Modified
2024-08-05 08:38
Severity ?
EPSS score ?
Summary
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/moby/moby/pull/33182 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/moby/moby/pull/33182 | Patch, Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T08:38:06.338Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/moby/moby/pull/33182" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-09-10T00:00:00", "descriptions": [ { "lang": "en", "value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-09-10T17:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/moby/moby/pull/33182" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12608", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/moby/moby/pull/33182", "refsource": "MISC", "url": "https://github.com/moby/moby/pull/33182" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-12608", "datePublished": "2018-09-10T17:00:00", "dateReserved": "2018-06-21T00:00:00", "dateUpdated": "2024-08-05T08:38:06.338Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "vulnerability-lookup:meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-12608\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-09-10T17:29:00.287\",\"lastModified\":\"2024-11-21T03:45:32.067\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en Docker Moby, en versiones anteriores a la 17.06.0. EL motor Docker valid\u00f3 el certificado TLS del cliente mediante el certificado root del CA del cliente configurado y todos los roots del sistema en sistemas que no son Windows. Esto permiti\u00f3 que un cliente con cualquier certificado de dominio validado por una CA root en la que conf\u00eda el sistema (al contrario que otro firmado por la CA root configurada) para autenticarse\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"17.06.0\",\"matchCriteriaId\":\"779519D6-D1A3-464C-9ECD-601E87099FFD\"}]}]}],\"references\":[{\"url\":\"https://github.com/moby/moby/pull/33182\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/moby/moby/pull/33182\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}" } }
gsd-2018-12608
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
Aliases
Aliases
{ "GSD": { "alias": "CVE-2018-12608", "description": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.", "id": "GSD-2018-12608" }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2018-12608" ], "details": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.", "id": "GSD-2018-12608", "modified": "2023-12-13T01:22:29.819687Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12608", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/moby/moby/pull/33182", "refsource": "MISC", "url": "https://github.com/moby/moby/pull/33182" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:mobyproject:moby:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "17.06.0", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-12608" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-295" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/moby/moby/pull/33182", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://github.com/moby/moby/pull/33182" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 3.6 } }, "lastModifiedDate": "2018-11-19T16:29Z", "publishedDate": "2018-09-10T17:29Z" } } }
rhsa-2024_5094
Vulnerability from csaf_redhat
Published
2024-08-07 15:39
Modified
2024-12-17 20:58
Summary
Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.0 security update
Notes
Topic
Red Hat OpenShift Service Mesh Containers for 2.6.0
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.
Security Fix(es):
* quic-go: memory exhaustion attack against QUIC's connection ID mechanism(CVE-2024-22189)
* moby: cert signing bypass(CVE-2018-12608)
* golang: archive/zip: Incorrect handling of certain ZIP files(CVE-2024-24789)
* jose: resource exhaustion(CVE-2024-28176)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat OpenShift Service Mesh Containers for 2.6.0 \n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat OpenShift Service Mesh is Red Hat\u0027s distribution of the Istio service mesh project, tailored for installation into an OpenShift Container Platform installation.\n\nSecurity Fix(es):\n\n* quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism(CVE-2024-22189)\n* moby: cert signing bypass(CVE-2018-12608)\n* golang: archive/zip: Incorrect handling of certain ZIP files(CVE-2024-24789)\n* jose: resource exhaustion(CVE-2024-28176)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2024:5094", "url": "https://access.redhat.com/errata/RHSA-2024:5094" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "2268820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820" }, { "category": "external", "summary": "2273513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513" }, { "category": "external", "summary": "2275812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275812" }, { "category": "external", "summary": "2292668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668" }, { "category": "external", "summary": "OSSM-2101", "url": "https://issues.redhat.com/browse/OSSM-2101" }, { "category": "external", "summary": "OSSM-5687", "url": "https://issues.redhat.com/browse/OSSM-5687" }, { "category": "external", "summary": "OSSM-5854", "url": "https://issues.redhat.com/browse/OSSM-5854" }, { "category": "external", "summary": "OSSM-6009", "url": "https://issues.redhat.com/browse/OSSM-6009" }, { "category": "external", "summary": "OSSM-6296", "url": "https://issues.redhat.com/browse/OSSM-6296" }, { "category": "external", "summary": "OSSM-6336", "url": "https://issues.redhat.com/browse/OSSM-6336" }, { "category": "external", "summary": "OSSM-6391", "url": "https://issues.redhat.com/browse/OSSM-6391" }, { "category": "external", "summary": "OSSM-6682", "url": "https://issues.redhat.com/browse/OSSM-6682" }, { "category": "external", "summary": "OSSM-6693", "url": "https://issues.redhat.com/browse/OSSM-6693" }, { "category": "external", "summary": "OSSM-6699", "url": "https://issues.redhat.com/browse/OSSM-6699" }, { "category": "external", "summary": "OSSM-6700", "url": "https://issues.redhat.com/browse/OSSM-6700" }, { "category": "external", "summary": "OSSM-6703", "url": "https://issues.redhat.com/browse/OSSM-6703" }, { "category": "external", "summary": "OSSM-6762", "url": "https://issues.redhat.com/browse/OSSM-6762" }, { "category": "external", "summary": "OSSM-6769", "url": "https://issues.redhat.com/browse/OSSM-6769" }, { "category": "external", "summary": "OSSM-6774", "url": "https://issues.redhat.com/browse/OSSM-6774" }, { "category": "external", "summary": "OSSM-6777", "url": "https://issues.redhat.com/browse/OSSM-6777" }, { "category": "external", "summary": "OSSM-6781", "url": "https://issues.redhat.com/browse/OSSM-6781" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_5094.json" } ], "title": "Red Hat Security Advisory: Red Hat OpenShift Service Mesh Containers for 2.6.0 security update", "tracking": { "current_release_date": "2024-12-17T20:58:58+00:00", "generator": { "date": "2024-12-17T20:58:58+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.3" } }, "id": "RHSA-2024:5094", "initial_release_date": "2024-08-07T15:39:25+00:00", "revision_history": [ { "date": "2024-08-07T15:39:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2024-08-07T15:39:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-12-17T20:58:58+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "RHOSSM 2.6 for RHEL 8", "product": { "name": "RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:service_mesh:2.6::el8" } } }, { "category": "product_name", "name": "RHOSSM 2.6 for RHEL 9", "product": { "name": "RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6", "product_identification_helper": { "cpe": "cpe:/a:redhat:service_mesh:2.6::el9" } } } ], "category": "product_family", "name": "Red Hat OpenShift Service Mesh" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "product": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "product_identification_helper": { "purl": "pkg:oci/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "product": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "product": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "product_identification_helper": { "purl": "pkg:oci/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "product": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0?arch=s390x\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "product": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "product_identification_helper": { "purl": "pkg:oci/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "product": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "product": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "product_identification_helper": { "purl": "pkg:oci/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "product": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72?arch=arm64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8" } } } ], "category": "architecture", "name": "arm64" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "product": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "product": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "product": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "product_identification_helper": { "purl": "pkg:oci/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "product": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "product": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "product_id": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "product_identification_helper": { "purl": "pkg:oci/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-ossmc-rhel8\u0026tag=1.73.10-3" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "product": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "product_id": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-cni-rhel8\u0026tag=2.6.0-21" } } }, { "category": "product_version", "name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "product": { "name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "product_id": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "product_identification_helper": { "purl": "pkg:oci/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/grafana-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "product": { "name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "product_id": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8\u0026tag=1.73.9-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "product": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "product_id": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "product_identification_helper": { "purl": "pkg:oci/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/kiali-rhel8-operator\u0026tag=1.73.10-2" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "product": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "product_id": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-must-gather-rhel8\u0026tag=2.6.0-7" } } }, { "category": "product_version", "name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "product": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "product_id": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "product_identification_helper": { "purl": "pkg:oci/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/istio-rhel8-operator\u0026tag=2.6.0-27" } } }, { "category": "product_version", "name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "product": { "name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "product_id": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "product_identification_helper": { "purl": "pkg:oci/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/pilot-rhel8\u0026tag=2.6.0-19" } } }, { "category": "product_version", "name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64", "product": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64", "product_id": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64", "product_identification_helper": { "purl": "pkg:oci/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/proxyv2-rhel9\u0026tag=2.6.0-18" } } }, { "category": "product_version", "name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "product": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "product_id": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "product_identification_helper": { "purl": "pkg:oci/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8?arch=amd64\u0026repository_url=registry.redhat.io/openshift-service-mesh/ratelimit-rhel8\u0026tag=2.6.0-8" } } } ], "category": "architecture", "name": "amd64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64" }, "product_reference": "openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64" }, "product_reference": "openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x" }, "product_reference": "openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64" }, "product_reference": "openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x" }, "product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64" }, "product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le" }, "product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64" }, "product_reference": "openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le" }, "product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64" }, "product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64" }, "product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x" }, "product_reference": "openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64" }, "product_reference": "openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64" }, "product_reference": "openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64 as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x as a component of RHOSSM 2.6 for RHEL 8", "product_id": "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x" }, "product_reference": "openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "relates_to_product_reference": "8Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "relates_to_product_reference": "9Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64 as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "relates_to_product_reference": "9Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "relates_to_product_reference": "9Base-RHOSSM-2.6" }, { "category": "default_component_of", "full_product_name": { "name": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64 as a component of RHOSSM 2.6 for RHEL 9", "product_id": "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" }, "product_reference": "openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64", "relates_to_product_reference": "9Base-RHOSSM-2.6" } ] }, "vulnerabilities": [ { "cve": "CVE-2018-12608", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2024-04-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2275812" } ], "notes": [ { "category": "description", "text": "A certificate signing vulnerability was found in Moby. This issue could allow an unauthenticated remote attacker to validate a TLS certificate using Certificate Authorities (CA) from the system instead of only by a specified client CA root, which could allow bypassing of some certificate authorization rules, reducing system integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "moby: cert signing bypass", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2018-12608" }, { "category": "external", "summary": "RHBZ#2275812", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275812" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2018-12608", "url": "https://www.cve.org/CVERecord?id=CVE-2018-12608" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608" }, { "category": "external", "summary": "https://github.com/golang/vulndb/issues/2209", "url": "https://github.com/golang/vulndb/issues/2209" } ], "release_date": "2018-10-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T15:39:25+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5094" }, { "category": "workaround", "details": "Some environments may be able to mitigate this issue by removing extra CAs from the host.", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "moby: cert signing bypass" }, { "cve": "CVE-2024-22189", "cwe": { "id": "CWE-770", "name": "Allocation of Resources Without Limits or Throttling" }, "discovery_date": "2024-04-04T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2273513" } ], "notes": [ { "category": "description", "text": "A flaw was found in quic-go. This issue may allow an attacker to trigger a denial of service by sending a large number of NEW_CONNECTION_ID frames that retire old connection IDs. The receiver is supposed to respond to each retirement frame with a RETIRE_CONNECTION_ID frame, but the attacker can prevent the receiver from sending out the vast majority of these RETIRE_CONNECTION_ID frames by selectively acknowledging received packets and collapsing the peers congestion window and by manipulating the peer\u0027s RTT estimate.", "title": "Vulnerability description" }, { "category": "summary", "text": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-22189" }, { "category": "external", "summary": "RHBZ#2273513", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2273513" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-22189", "url": "https://www.cve.org/CVERecord?id=CVE-2024-22189" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-22189" }, { "category": "external", "summary": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a", "url": "https://github.com/quic-go/quic-go/commit/4a99b816ae3ab03ae5449d15aac45147c85ed47a" }, { "category": "external", "summary": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478", "url": "https://github.com/quic-go/quic-go/security/advisories/GHSA-c33x-xqrf-c478" }, { "category": "external", "summary": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management", "url": "https://seemann.io/posts/2024-03-19-exploiting-quics-connection-id-management" } ], "release_date": "2024-04-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T15:39:25+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5094" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "quic-go: memory exhaustion attack against QUIC\u0027s connection ID mechanism" }, { "cve": "CVE-2024-24789", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "discovery_date": "2024-06-17T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2292668" } ], "notes": [ { "category": "description", "text": "A flaw was found in Golang. The ZIP implementation of the Go language archive/zip library behaves differently than the rest of the ZIP file format implementations. When handling ZIP files with a corrupted central directory record, the library skips over the invalid record and processes the next valid one. This flaw allows a malicious user to access hidden information or files inside maliciously crafted ZIP files.", "title": "Vulnerability description" }, { "category": "summary", "text": "golang: archive/zip: Incorrect handling of certain ZIP files", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-24789" }, { "category": "external", "summary": "RHBZ#2292668", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292668" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-24789", "url": "https://www.cve.org/CVERecord?id=CVE-2024-24789" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-24789" } ], "release_date": "2024-06-04T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T15:39:25+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5094" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "golang: archive/zip: Incorrect handling of certain ZIP files" }, { "cve": "CVE-2024-28176", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2024-03-10T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "2268820" } ], "notes": [ { "category": "description", "text": "Jose was found to have an uncontrolled resource consumption vulnerability. Under certain conditions, the user\u0027s environment can consume an unreasonable amount of CPU time or memory during JWE decryption operations, leading to a denial of service.", "title": "Vulnerability description" }, { "category": "summary", "text": "jose: resource exhaustion", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2024-28176" }, { "category": "external", "summary": "RHBZ#2268820", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268820" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2024-28176", "url": "https://www.cve.org/CVERecord?id=CVE-2024-28176" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28176" }, { "category": "external", "summary": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q", "url": "https://github.com/panva/jose/security/advisories/GHSA-hhhv-q57g-882q" } ], "release_date": "2024-03-09T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2024-08-07T15:39:25+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2024:5094" }, { "category": "workaround", "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "product_ids": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:4f73fc9525b461cb31c7f76a776b3ba6d586de87e763f3dace8edea1031d2dd8_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:677746a7132573b2b40658fad4801cbe3d0381079f2d6cd7ee508318d75e6ad0_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:a312eee18c620e4b7c19258d2619b732a4fdf48320a04d8e216a018b99e046d7_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/grafana-rhel8@sha256:fcbba8962e1f5fa864c073f86467468d732a6edc9fc78cbeb6050a35beced88e_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:407b37dd42635c1d11de7cca69e620c140416a401c1a608d5e8f06a18ff51374_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:49542fec00ff65d1d4d27849c67468fb5d0b1314f7a9010d67c0dbbf55c1306b_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:7d8a4815dee1f4e109876d47184b669e81dc22421b602f2beef48588f414743e_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-cni-rhel8@sha256:81b661df0703a3d7cddfce3be55b12aa297164177990b263f4b584bf9de948c7_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:0172d2aefc611c66c1ceac5acbe771b0109944024ccaa1534a992c154cc70186_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:293ef0eb34e035a972f5a45b87970cecc7942c6bee6da68c4d1f3ba2bd1e92d4_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:6327e0c83d4f21f33053bdc92a8091cfd7a53f272f57f3fa8e045611229f98ba_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-must-gather-rhel8@sha256:dbbcfdcdd4b7dca0363140675ccbf5a7e17cf6671e9c7d0858309eaa9e3e35bb_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:28a794322e00582e5d74c3a7e0934735652d09ae83ac59f925434a8e2f32ca81_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:7bbef82965d81bd768d915a1bcc220c7fb21c321e2ffb861eb628c81eeb8e000_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:abf18be2515f0e0bdf54c29e96c517043e23a248b84b72a7c77fb6627535435a_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/istio-rhel8-operator@sha256:c0341aec6013018cc7f97d4a9ac1ea4537a7fee8dbe473958ceab0f67e8bc502_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:084b7af79fce2ccd8e9291054e727cd536b2e8d0392d6fae41070acc640dda7d_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:392e140789a39e10526de2cae19316759ff36c954c7b0e8d88fac91556be3bf0_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:86b5406c483065ae2085721e6069f36767d6dc512d8f885ac02660955fb5fbed_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-ossmc-rhel8@sha256:b55b09211c8e5857060baca392be5534a3707d0a876ceb76939908b271163cc0_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:09d04d86a4e646d6e45e57893d383432fa966ac536e460ff6fdd375c939d96ca_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:5f070c96656b4e01a691caa916dcf81fb34c153d192d26acec7c08cc7f9d6fda_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:7dd97c5e5b1c3502c52352decbe48b0f0998e59604da618dbb2689f8a9a86cf1_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8-operator@sha256:cdf3a7e2f5e76c59d9b3228daeabce86478693f7311ff44db0b0bbe41d9cc310_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4d0c6c49b2c660d5ed04273cfcd5e01444c7c479432c374ecbcb4b99334b2ac9_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4e512e8195d93a887d411bf23da9602cdbfb46a0aa9b15292f500cf2eda284e6_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:4f581fd9388ba9256a34b85296a8f3728826804bd9f59fe0f8832d91c3ecc8ae_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/kiali-rhel8@sha256:c0bb751d102763412fc936fb3b69a45e477bc2c0aa71b5f6fa5c0f69a94d8767_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:099a9a6e6ecc221ce47fe8da358fb90caf1de22cc90353adbd2f4073e3a8c962_s390x", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:221bf107c93e183a093dc13a41d2e2d907e97c1a74242bf7bfefae2c1436f02c_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:6c6842b5ba5d85e3d9990ae73754499863ed648c9b7efa9c75ab7936093d6c06_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/pilot-rhel8@sha256:df0b0c0364bbe30220bd92c24ba41c54d4b871503e6b4ccdc8b7991031830637_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:0ab18d9cc3d927e162c25e895bb5d55a970b5906f83c95f0759b659a2a2d45c2_ppc64le", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:563b8f4b130657936b077139d86d648e6c65d68cf51bbcf09f3f2790db23cfd8_amd64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:911f2c0b5159f6c13c6f4dc958ac66e987cab2b091f55e75b998d95cc1ae3e72_arm64", "8Base-RHOSSM-2.6:openshift-service-mesh/ratelimit-rhel8@sha256:f4d5e0ab476f92e9985e86c0a6200f82e60972df12976c2ca64ff596c8e84bd0_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:7672a4b3475e71674897eb4c2d47c84bd7151ff71716d19dd29d8e140bc7b2ec_s390x", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:823118b612b0bfc3c10d1ad07d65236a8e21d703e64a09c5bdc9377fc0e7cf47_arm64", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:8355c8f725d3713be992545bc8396582be6d792bec620b95bc5cd5475436a903_ppc64le", "9Base-RHOSSM-2.6:openshift-service-mesh/proxyv2-rhel9@sha256:f280ea9888acab2a2aee6fece6a99257b6b0a2093a042b958382684d1f590334_amd64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "jose: resource exhaustion" } ] }
ghsa-qrqr-3x5j-2xw9
Vulnerability from github
Published
2024-01-31 23:28
Modified
2024-07-08 15:54
Severity ?
Summary
Docker Authentication Bypass
Details
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
{ "affected": [ { "package": { "ecosystem": "Go", "name": "github.com/docker/docker" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "17.06.0-ce" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2018-12608" ], "database_specific": { "cwe_ids": [ "CWE-288" ], "github_reviewed": true, "github_reviewed_at": "2024-01-31T23:28:22Z", "nvd_published_at": null, "severity": "HIGH" }, "details": "An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.", "id": "GHSA-qrqr-3x5j-2xw9", "modified": "2024-07-08T15:54:29Z", "published": "2024-01-31T23:28:22Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12608" }, { "type": "WEB", "url": "https://github.com/moby/moby/issues/33173" }, { "type": "WEB", "url": "https://github.com/moby/moby/pull/33182" }, { "type": "WEB", "url": "https://github.com/moby/moby/commit/190c6e8cf8b893874a33d83f78307f1bed0bfbcd" }, { "type": "PACKAGE", "url": "https://github.com/moby/moby" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "type": "CVSS_V3" } ], "summary": "Docker Authentication Bypass" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.